PKI OCSP Certificate CLI - dogtagpki/pki GitHub Wiki
The pki ocsp-cert-verify
provides an interface to verify a certificate using OCSP protocol.
The command can be used against the OCSP responder in OCSP subsystem or the built-in OCSP responder in CA subsystem.
Availability: Since PKI 11.7
To verify a certificate against the OCSP responder in OCSP subsystem:
$ pki ocsp-cert-verify \ --ca-cert ca_signing \ <serial number>
To verify a certificate against the built-in OCSP responder in CA subsystem:
$ pki ocsp-cert-verify \ --path /ca/ocsp \ --ca-cert ca_signing \ <serial number>