Skip to main content
Skip table of contents

Nexus OCSP Responder architecture overview

This figure describes Nexus OCSP Responder with its components and their external interfaces.

  • The logical OCSP responders make up the interface exposed to the OCSP clients, which typically may be web browsers, mail clients etc.
  • The logical OCSP responders can either forward the request to a remote responder (see Back end client section), or query local data in the CRL/CIL cache (see Validation section). The CRL/CIL cache is provided with fresh CRLs by pull and push methods and CILs by push methods (see Validation section).
  • To save time, the responses from certain root CAs can be cached (see OCSP response cache section).
  • Key management handles all the keys needed for signing OCSP responses and for TLS client and server authentication (see Key management section).
  • System management (see System management section) contains the agent that listens to all log messages. If Nexus OCSP Responder works in an environment that includes a built-in system monitor – a supervisor, the agent can also send signals to and receive signals from the supervisor.
  • The workflow for different types of OCSP responders is described in Workflow for Nexus OCSP Responders.

Related information

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.