Enables or disables Online Certificate Status Protocol (OCSP) check for SSH2 x509v3 authentication.
x509v3 | Specifies x509v3 certificate-based authentication. |
ocsp | Specifies configuring OCSP for real-time certificate revocation status checking. |
on | Enables OCSP (default). |
off | Disables OCSP. |
By default, OCSP is enabled.
While you can disable OCSP, it is not recommended because no certificate revocation status check is performed.
The following example enables OCSP check for SSH2 x509v3 servers.
# configure ssh2 x509v3 ocsp on
This command was first available in ExtremeXOS 32.2.
This command is available on ExtremeSwitching 5320, 5420, 5520, and 5720 series switches.