OCSP_REMOVE_CA_REQUEST_PROCESSED Audit Event - dogtagpki/pki GitHub Wiki

Overview

The OCSP_REMOVE_CA_REQUEST_PROCESSED audit event is generated when a remove CA request to the OCSP Responder is processed.

Note: In PKI 10.5 the OCSP_REMOVE_CA_REQUEST_PROCESSED_SUCCESS and OCSP_REMOVE_CA_REQUEST_PROCESSED_FAILURE events are replaced by OCSP_REMOVE_CA_REQUEST_PROCESSED event.

Examples

Successful Operation

Use OCSP Web UI to remove a CA from OCSP:

The server will generate the following events:

[AuditEvent=OCSP_REMOVE_CA_REQUEST_PROCESSED_SUCCESS][SubjectID=ocspadmin][Outco
me=Success][CASubjectDN=CN=CA Signing Certificate,OU=pki-tomcat,O=EXAMPLE] Remov
e CA for OCSP Responder is successful

Failed Operation

Use OCSP Web UI to remove a non-existent CA from OCSP:

  • Open https://pki.example.com:8443/ocsp

  • Click Agent Services

  • Click List Certificate Authorities

  • Open the same page in another browser window.

  • Click Remove CA in one window.

  • Click Remove CA for the same CA in the other window.

The server will generate the following events:

[AuditEvent=OCSP_REMOVE_CA_REQUEST_PROCESSED][SubjectID=ocspadmin][Outcome=Failu
re][CASubjectDN=CN=CA Signing Certificate,OU=pki-tomcat,O=EXAMPLE] Remove CA for
 OCSP Responder has failed
Tip
 To find a page in the Wiki, enter the keywords in search field, press Enter, then click Wikis.
⚠️ **GitHub.com Fallback** ⚠️