| ocspd(1) | General Commands Manual | ocspd(1) |
ocspd — OCSP and
CRL Daemon
ocspd |
ocspd performs caching and network
fetching of Certificate Revocation Lists (CRLs) and Online Certificate
Status Protocol (OCSP) responses. It is used by Security.framework during
certificate verification. Security.framework communicates with
ocspd via a private RPC interface. When
Security.framework determines that a CRL is needed, or that it needs to
perform an OCSP transaction, it performs an RPC to
ocspd which then examines its cache to see if the
appropriate CRL or OCSP response exists and is still valid. If so, that
entity is returned to Security.framework. If no entry is found in cache,
ocspd obtains it from the network, saving the result
in cache before returning it to Security.framework.
This command is not intended to be invoked directly.
/private/var/db/crls/crlcache.db CRL cache
/private/var/db/crls/ocspcache.db OCSP response cache
ocspd was first introduced in Mac OS X
version 10.4 (Tiger).
| Thurs Mar 31 2005 | Darwin |