0

I am adding a 3rd party OCSP responder(Tumbleweed) plugin to IIS 6.0/Windows. I have the 3rd party tool configured to check the revocation status and would like to assert that IIS is not making a duplicate check. Is there a log (other than the IIS HTTP status code log) to help determine this? (It seems that Tumbleweed relies on the CertCheckMode property, so I can't just turn that off).

Brennan
  • 1,398
  • 6
  • 18
Kevin
  • 1
  • 1

1 Answers1

1

IIS6.0 doesn't support OCSP without a 3rd party OCSP client such as Tumbleweed, however, we can still check anyways! :)

  1. You can run a sniffer to observe the OCSP traffic on the wire

  2. You can recheck your CAPI settings and see the pointer to Tumbleweed

  3. You can ask the administrator of your OCSP responder or repeater to read the audit log and see if 1 or 2 requests are incoming from your host. The IP address of the server in question will come in handy for this!

Brennan
  • 1,398
  • 6
  • 18