Disabling OCSP for TLS Connections to Remote Syslog Servers
For compliance with RFC 6960 (X.509 Internet Public Key Infrastructure Online Certificate Status Protocol – OCSP), you can disable the OCSP check for Transport Layer Security (TLS) connections to remote Syslog servers by using the following command:
configure syslog tls ocsp [on | off]
To see the status of OCSP checking, use the following command:
show log configuration
NoteBe sure you understand the ramifications of turning off OCSP if you chose to do so.