configure ssh2 x509v3 ocspNEW!

configure ssh2 x509v3 ocsp [on | off]

Description

Enables or disables Online Certificate Status Protocol (OCSP) check for SSH2 x509v3 authentication.

Syntax Description

x509v3 Specifies x509v3 certificate-based authentication.
ocsp Specifies configuring OCSP for real-time certificate revocation status checking.
on Enables OCSP (default).
off Disables OCSP.

Default

By default, OCSP is enabled.

Usage Guidelines

While you can disable OCSP, it is not recommended because no certificate revocation status check is performed.

Example

The following example enables OCSP check for SSH2 x509v3 servers.

# configure ssh2 x509v3 ocsp on

History

This command was first available in ExtremeXOS 32.2.

Platform Availability

This command is available on ExtremeSwitching 5320, 5420, 5520, and 5720 series switches.