Configuring OCSPd

Configuring the NTP server(s)

Step 1: Access the server through SSH with an account with administrative privileges;

Step 2: Load the OCSPd Configuration Utility with the following command:

# /opt/ocspd/sbin/ocspd-config

Step 3: In the main menu, select 'NTP':

OCSPd NTP Config Menu

Step 4: Specify the list of NTP server(s) separated by ',' and validate:

Set NTP server(s)

Step 5: The NTPs configuration is updated:

NTP configuration updated

Step 6: Exit the configuration utility and restart the NTPd service with the following command:

# /etc/init.d/ntpd restart

Configuring the SMTP Relay

Step 1: Access the server through SSH with an account with administrative privileges;

Step 2: Load the OCSPd Configuration Utility with the following command:

# /opt/ocspd/sbin/ocspd-config

Step 3: In the main menu, select 'SMTP':

OCSPd SMTP Config Menu

Step 4: Specify IP address or the DNS name of the SMTP relay and validate:

Set SMTP relay

Step 5: The Postfix configuration is updated:

SMTP configuration updated

Step 6: Exit the configuration utility and restart the Postfix service with the following command:

# /etc/init.d/postfix restart

Configuring the OCSPd Administrator’s Email Address

Step 1: Access the server through SSH with an account with administrative privileges;

Step 2: Load the OCSPd Configuration Utility with the following command:

# /opt/ocspd/sbin/ocspd-config

Step 3: In the main menu, select 'Administrator':

OCSPd Admin Config Menu

Step 4: Specify the email address of the OCSPd Administrator and validate:

Set Administrator Email

Step 5: Exit the Configuration Utility;

Step 6: Validate the SMTP relay and Administrator Email Address with the following commands:

# yum install mailx
# mail -s ‘Hello OCSPd’ root
> Hello From OCSPd
.

Step 7: Ensure that the email defined step 4 receives the test email.

Configuring the Radius Server

Step 1: Access the server through SSH with an account with administrative privileges;

Step 2: Load the OCSPd Configuration Utility with the following command:

# /opt/ocspd/sbin/ocspd-config

Step 3: In the main menu, select 'OCSPd':

OCSPd Config Menu

Step 4: In the OCSPd menu, select 'RADIUS':

OCSPd Secret Menu

Step 5: Specify the following Radius configuration settings and validate:

'CHAP' and 'PAP' protocols are supported by OCSPd.
Generate Secret

Step 6: The OCSPd configuration is updated:

Secret Updated

Configuring the LDAP Server

Step 1: Access the server through SSH with an account with administrative privileges;

Step 2: Load the OCSPd Configuration Utility with the following command:

# /opt/ocspd/sbin/ocspd-config

Step 3: In the main menu, select 'OCSPd':

OCSPd Config Menu

Step 4: In the OCSPd menu, select 'RADIUS':

OCSPd Secret Menu

Step 5: Specify the following LDAP configuration settings and validate:

By default the LDAP configuration will use port 389 and SSL/TLS 'false'.
The filter settings is optionnal.
Generate Secret

Step 6: The OCSPd configuration is updated:

Secret Updated

Generating a new OCSPd Application Secret

Step 1: Access the server through SSH with an account with administrative privileges;

Step 2: Load the OCSPd Configuration Utility with the following command:

# /opt/ocspd/sbin/ocspd-config

Step 3: In the main menu, select 'OCSPd':

OCSPd Config Menu

Step 4: In the OCSPd menu, select 'SECRET':

OCSPd Secret Menu

Step 5: Validate the new OCSPd Application Secret:

Generate Secret

Step 6: The OCSPd configuration is updated:

Secret Updated

Installing the OCSPd license

Step 1: Upload the 'ocspd.lic' file through SCP under '/tmp/ocspd.lic':

Step 2: Access the server through SSH with an account with administrative privileges;

Step 3: Move the license file and set the permissions using the following commands:

# mv /tmp/ocspd.lic /opt/ocspd/etc
# chown ocspd:ocspd /opt/ocspd/etc/ocspd.lic
# chmod 640 /opt/ocspd/etc/ocspd.lic