| # This Source Code Form is subject to the terms of the Mozilla Public |
| # License, v. 2.0. If a copy of the MPL was not distributed with this |
| # file, You can obtain one at http://mozilla.org/MPL/2.0/. |
| |
| scenario OCSPD |
| |
| #root CA |
| entity OCSPRoot |
| type Root |
| export_key |
| |
| #CA - OK |
| entity OCSPCA1 |
| type Intermediate |
| issuer OCSPRoot |
| serial 1 |
| ocsp online |
| export_key |
| |
| #CA - revoked |
| entity OCSPCA2 |
| type Intermediate |
| issuer OCSPRoot |
| serial 2 |
| ocsp online |
| export_key |
| |
| #CA - unknown status |
| entity OCSPCA3 |
| type Intermediate |
| issuer OCSPRoot |
| serial 3 |
| ocsp offline |
| export_key |
| |
| #EE - OK |
| entity OCSPEE11 |
| type EE |
| issuer OCSPCA1 |
| serial 1 |
| ocsp online |
| |
| #EE - revoked on OCSP |
| entity OCSPEE12 |
| type EE |
| issuer OCSPCA1 |
| serial 2 |
| ocsp online |
| |
| #EE - revoked on CRL |
| entity OCSPEE13 |
| type EE |
| issuer OCSPCA1 |
| serial 3 |
| ocsp online |
| |
| #EE - revoked on OCSP and CRL |
| entity OCSPEE14 |
| type EE |
| issuer OCSPCA1 |
| serial 4 |
| ocsp online |
| |
| #EE - unknown status |
| entity OCSPEE15 |
| type EE |
| issuer OCSPCA1 |
| serial 5 |
| ocsp offline |
| |
| #EE - valid EE, revoked CA |
| entity OCSPEE21 |
| type EE |
| issuer OCSPCA2 |
| serial 1 |
| ocsp online |
| |
| #EE - revoked EE, revoked CA |
| entity OCSPEE22 |
| type EE |
| issuer OCSPCA2 |
| serial 2 |
| ocsp online |
| |
| #EE - revoked EE, CA pointing to invalid OCSP |
| entity OCSPEE23 |
| type EE |
| issuer OCSPCA2 |
| serial 3 |
| ocsp offline |
| |
| #EE - valid EE, CA pointing to invalid OCSP |
| entity OCSPEE31 |
| type EE |
| issuer OCSPCA3 |
| serial 1 |
| ocsp online |
| |
| #EE - revoked EE, CA pointing to invalid OCSP |
| entity OCSPEE32 |
| type EE |
| issuer OCSPCA3 |
| serial 2 |
| ocsp online |
| |
| #EE - EE pointing to invalid OCSP, CA pointing to invalid OCSP |
| entity OCSPEE33 |
| type EE |
| issuer OCSPCA3 |
| serial 3 |
| ocsp offline |
| |
| crl OCSPRoot |
| |
| revoke OCSPRoot |
| serial 2 |
| |
| crl OCSPCA1 |
| |
| revoke OCSPCA1 |
| serial 2 |
| |
| revoke OCSPCA1 |
| serial 4 |
| |
| crl OCSPCA2 |
| |
| revoke OCSPCA2 |
| serial 2 |
| |
| revoke OCSPCA2 |
| serial 3 |
| |
| crl OCSPCA3 |
| |
| revoke OCSPCA3 |
| serial 2 |
| |
| revoke OCSPCA3 |
| serial 3 |
| |
| # Used for running a single OCSP server (httpserv) instance that can |
| # handle multiple CAs, e.g.: |
| # httpserv -p 8641 -d . -f dbpasswd \ |
| # -A OCSPRoot -C OCSPRoot.crl -A OCSPCA1 -C OCSPCA1.crl \ |
| # -A OCSPCA2 -C OCSPCA2.crl -A OCSPCA3 -C OCSPCA3.crl |
| db Server |
| import OCSPRoot::CT,C,C |
| import_key OCSPRoot |
| import_key OCSPCA1 |
| import_key OCSPCA2 |
| import_key OCSPCA3 |
| |
| # A DB containing all certs, but no keys. |
| # Useful for manual OCSP client testing, e.g.: |
| # ocspclnt -d . -S OCSPEE12OCSPCA1 -u s |
| db Client |
| import OCSPRoot::CT,C,C |
| import OCSPCA1OCSPRoot:: |
| import OCSPCA2OCSPRoot:: |
| import OCSPCA3OCSPRoot:: |
| import OCSPEE11OCSPCA1:: |
| import OCSPEE12OCSPCA1:: |
| import OCSPEE13OCSPCA1:: |
| import OCSPEE14OCSPCA1:: |
| import OCSPEE15OCSPCA1:: |
| import OCSPEE21OCSPCA2:: |
| import OCSPEE22OCSPCA2:: |
| import OCSPEE23OCSPCA2:: |
| import OCSPEE31OCSPCA3:: |
| import OCSPEE32OCSPCA3:: |
| import OCSPEE33OCSPCA3:: |