This section provides step by step guide for installation, configuration and usage of OCSP Web. This is generally deployed in the DMZ for external applications to interface. OCSP Web will in turn interfaces with OCSP Core that is deployed in the MZ where in only selected internal application will have access to it.
Configuration
Note – all actions required for setting up and configuring OCSP Web should be done using administrator privileges
Environment Variables - For ocspweb.properties
This file is used to configure logs.
For Linux
For setting the environment variable in Linux, run following command:
sudo -H gedit /etc/environment
It will open environment folder and set OCSP Web path inside that
OCSPWEB_CONFIGURATION_PATH for ocspweb.properties file as shown in below figure
Once the Environment variable is set for ocspweb.properties, the user can open the ocspweb.properties to configure logs.
Snapshot
Please find below is the ocspweb.properties file snapshot for reference:
OCSP Web has to connect to OCSP Core for passing the requests received by OCSP Web to OCSP Core. For connecting to OCSP Core, in the properties file as shown below
# URL where ocspcore is deployed
emca.ocsp.url=http://<ipaddress>:<port>/ocsprespondercore
Logs
The application uses Log4j for logging. Please specify the local server path for collecting the logs in the log4j.xml file. The local server path of log4j.xml file need to be provided in ocspweb.properties file which is set in the environment variables [please refer section 6.4.1.1]
In the above LOCAL SERVER PATH, the administrator has to provide folder path where in the log files get generated.
Deployment
The following components are required for deployment:
OCSP Web (ocspresponderweb.war file)
OCSP Web comes as a war file which has to be deployed on the application server. Server provides configuration through properties file.
Please configure and save all the properties. Then deploy the configured OCSP Web war file.
Please find below steps to deploy the application:
Copy the ocspresponderweb.war inside Tomcat->Web apps folder apache-tomcat\webapps
Windows run services.msc
Go to Apache Tomcat and click Start
Quick Check Guide
Once deployment is successfully done and the server is started, Open any browser like internet explorer, Google Chrome, Firefox etc. and enter URL- as mentioned below
https://www.example.com/ocspresponderweb in enter address field place (For ex: https:// 127.0.0.1:8080/ocspresponderweb)
The following message is displayed. This implies that the application is deployed properly.
“HTTP Status 405 - OCSP only supports POST”.
To verify whether logs are getting generated as per the path defined, please open the folder that is mentioned in the configuration path set in log4j.xml file (Configuration->log4j.xml)
"[Local Server Path]/OCSPResponderWeb.log
Please make sure that the log file is created in the above-mentioned path.
