| Method | Path | Description |
|---|
| POST | /v1/ocsp/test | Test OCSP |
Test OCSP
POST /v1/ocsp/test
Queries the OCSP server for the proxy certificate’s latest status and returns the response as JSON. It caches the response if the OCSP feature is enabled.
Required permissions
Request
Example HTTP request
POST /ocsp/test
| Key | Value | Description |
|---|
| Host | cnm.cluster.fqdn | Domain name |
| Accept | application/json | Accepted media type |
Response
Returns an OCSP status object.
Example JSON body
{
"responder_url": "http://responder.ocsp.url.com",
"cert_status": "REVOKED",
"produced_at": "Wed, 22 Dec 2021 12:50:11 GMT",
"this_update": "Wed, 22 Dec 2021 12:50:11 GMT",
"next_update": "Wed, 22 Dec 2021 14:50:00 GMT",
"revocation_time": "Wed, 22 Dec 2021 12:50:04 GMT"
}
Error codes
When errors occur, the server returns a JSON object with error_code and message fields that provide additional information. The following are possible error_code values:
| Code | Description |
|---|
| no_responder_url | Tried to test OCSP status with no responder URL configured |
| ocsp_unsupported_by_capability | Not all nodes support OCSP capability |
| task_queued_for_too_long | OCSP polling task was in status “queued” for over 5 seconds |
| invalid_ocsp_response | The server returned a response that is not compatible with OCSP |
Status codes
