ocspd(1) BSD General Commands Manual ocspd(1)
NAME
ocspd -- OCSP and CRL Daemon
SYNOPSIS
ocspd
DESCRIPTION
ocspd performs caching and network fetching of Certificate Revocation
Lists (CRLs) and Online Certificate Status Protocol (OCSP) responses. It
is used by Security.framework during certificate verification. Secu-
rity.framework communicates with ocspd via a private RPC interface. When
Security.framework determines that a CRL is needed, or that it needs to
perform an OCSP transaction, it performs an RPC to ocspd which then exam-
ines its cache to see if the appropriate CRL or OCSP response exists and
is still valid. If so, that entity is returned to Security.framework. If
no entry is found in cache, ocspd obtains it from the network, saving the
result in cache before returning it to Security.framework.
This command is not intended to be invoked directly.
FILES
/private/var/db/crls/crlcache.db CRL cache
/private/var/db/crls/ocspcache.db OCSP response cache
HISTORY
ocspd was first introduced in Mac OS X version 10.4 (Tiger).
AUTHORS
Doug Mitchell
Darwin September 17, 2009 Darwin
Mac OS X 10.6 - Generated Thu Sep 17 20:08:13 CDT 2009