Cisco Cisco Packet Data Gateway (PDG)
IPSec Certificates
▀ Online Certificate Status Protocol (OCSP)
▄ IPSec Reference, StarOS Release 17
126
Call Flows
Successful OCSP Response
Figure 23. Call Flow: Successful OCSP Response
The peer certificate is obtained as CERT payload in the IKE message. The received certificate is converted to the
OpenSSL format. This certificate is then passed to the OpenSSL OCSP client along with the X509_STORE to from an
OCSP request. A connection to the OCSP responder is established and the request is sent.
OpenSSL format. This certificate is then passed to the OpenSSL OCSP client along with the X509_STORE to from an
OCSP request. A connection to the OCSP responder is established and the request is sent.
On receipt of the response the IKE_AUTH transaction continues.