Disabling OCSP for TLS Connections to Remote Syslog Servers

For compliance with RFC 6960 (X.509 Internet Public Key Infrastructure Online Certificate Status Protocol – OCSP), you can disable the OCSP check for Transport Layer Security (TLS) connections to remote Syslog servers by using the following command:

configure syslog tls ocsp [on | off]

To see the status of OCSP checking, use the following command:

show log configuration



Be sure you understand the ramifications of turning off OCSP if you chose to do so.