Online Certificate Status Protocol
Protocol to check a digital certificate
Why this is trending
Interest in “Online Certificate Status Protocol” spiked on Wikipedia on 2026-02-25.
Categorised under Technology, this article fits a familiar pattern. wt.cat.technology.1
By monitoring millions of daily Wikipedia page views, GlyphSignal helps you spot cultural moments as they happen and understand the stories behind the numbers.
Key Takeaways
- The Online Certificate Status Protocol ( OCSP ) is an Internet protocol used for obtaining the revocation status of an X.
- It was created as an alternative to certificate revocation lists (CRL), specifically addressing certain problems associated with using CRLs in a public key infrastructure (PKI).
- 1 and are usually communicated over HTTP.
- Some web browsers (e.
- Most OCSP revocation statuses on the Internet disappear soon after certificate expiration.
The Online Certificate Status Protocol (OCSP) is an Internet protocol used for obtaining the revocation status of an X.509 digital certificate. It was created as an alternative to certificate revocation lists (CRL), specifically addressing certain problems associated with using CRLs in a public key infrastructure (PKI). Messages communicated via OCSP are encoded in ASN.1 and are usually communicated over HTTP. The "request/response" nature of these messages leads to OCSP servers being termed OCSP responders.
Some web browsers (e.g., Firefox) use OCSP to validate HTTPS certificates, while others have disabled it. Most OCSP revocation statuses on the Internet disappear soon after certificate expiration.
Certificate authorities (CAs) were previously required by the CA/Browser Forum to provide OCSP service, but this requirement was removed in July 2023, making OCSP optional and CRLs required again. On August 6, 2025, Let's Encrypt announced that OCSP services will be shut down due to privacy concerns.
Content sourced from Wikipedia under CC BY-SA 4.0
