OCSP Responder Explained

OCSP (Online Certificate Status Protocol) allows clients to check whether a certificate has been revoked without downloading a full CRL.

The OCSP Responder field is a URL embedded in a certificate's Authority Information Access (AIA) extension. It points to the CA's real-time certificate status service, which speaks the Online Certificate Status Protocol (OCSP). Browsers and TLS clients use this URL to check whether the certificate has been revoked before trusting it.

How OCSP Works

  1. The client extracts the OCSP URL from the certificate's AIA extension
  2. The client sends an OCSP request to that URL containing the certificate's serial number
  3. The CA's OCSP responder looks up the serial number and returns a signed response: good, revoked, or unknown
  4. If revoked, the client refuses the connection

OCSP Stapling

A privacy and performance improvement over vanilla OCSP is OCSP stapling. Instead of the browser querying the CA's OCSP responder directly (which reveals to the CA which sites users are visiting), the server fetches the OCSP response itself and "staples" it to the TLS handshake. The browser verifies the stapled response's signature without contacting the CA. This is the recommended deployment for production web servers.

OCSP Must-Staple

The OCSP Must-Staple extension (TLS Feature Extension, RFC 7633) tells clients to reject the connection if no valid stapled OCSP response is provided during the handshake. This prevents downgrade attacks where an attacker intercepts OCSP requests to make a revoked certificate appear valid. Look for TLS Feature: status_request in the certificate extensions.

Reading the OCSP URL in the Decoder

The OCSP URL appears in the Authority Info Access extension, labeled as OCSP - URI:. For Let's Encrypt certificates this is typically http://r10.o.lencr.org. For DigiCert: http://ocsp.digicert.com. Note that OCSP URLs use HTTP, not HTTPS — this is intentional to avoid a circular dependency (you'd need to validate a cert to check a cert).
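The Python below is an added example, not the decoder's own code. It walks the DER of an Authority Information Access value to pull out the entry a decoder labels OCSP - URI, and checks a TLS Feature value for status_request (5), the Must-Staple marker described above. The sample bytes, the example.test hostnames and all function names are constructed for illustration.

```python
OID_OCSP = bytes.fromhex("2b06010505073001")        # 1.3.6.1.5.5.7.48.1 (id-ad-ocsp)
OID_CA_ISSUERS = bytes.fromhex("2b06010505073002")  # 1.3.6.1.5.5.7.48.2 (id-ad-caIssuers)
TAG_SEQ, TAG_OID, TAG_INT, TAG_URI = 0x30, 0x06, 0x02, 0x86  # 0x86 = GeneralName [6] URI
STATUS_REQUEST = 5  # TLS extension number listed by a Must-Staple certificate (RFC 7633)

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER element starting at pos."""
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    length = first
    if first & 0x80:  # long form: low 7 bits give the number of length bytes
        n = first & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, buf[pos:pos + length], pos + length

def children(value):
    """Yield (tag, value) for each element packed inside a constructed value."""
    pos = 0
    while pos < len(value):
        tag, inner, pos = read_tlv(value, pos)
        yield tag, inner

def ocsp_urls(aia_der):
    """OCSP responder URIs from an Authority Information Access extension value."""
    tag, body, _ = read_tlv(aia_der, 0)
    if tag != TAG_SEQ:
        raise ValueError("AIA value is not a SEQUENCE")
    urls = []
    for _, access_desc in children(body):  # each AccessDescription: method OID + location
        (mtag, method), (ltag, location) = list(children(access_desc))[:2]
        if mtag == TAG_OID and method == OID_OCSP and ltag == TAG_URI:
            urls.append(location.decode("ascii"))
    return urls

def is_must_staple(tls_feature_der):
    """True if the TLS Feature extension value lists status_request (5)."""
    tag, body, _ = read_tlv(tls_feature_der, 0)
    return tag == TAG_SEQ and (TAG_INT, bytes([STATUS_REQUEST])) in children(body)

# Constructed sample extension values (not taken from a real certificate).
def tlv(tag, body):
    return bytes([tag, len(body)]) + body  # short-form length only, body < 128 bytes

SAMPLE_AIA = tlv(TAG_SEQ,
    tlv(TAG_SEQ, tlv(TAG_OID, OID_OCSP) + tlv(TAG_URI, b"http://ocsp.example.test"))
    + tlv(TAG_SEQ, tlv(TAG_OID, OID_CA_ISSUERS) + tlv(TAG_URI, b"http://ca.example.test/ca.crt")))
SAMPLE_TLS_FEATURE = tlv(TAG_SEQ, tlv(TAG_INT, b"\x05"))
```

Calling ocsp_urls(SAMPLE_AIA) returns only the OCSP entry and skips the CA Issuers URL that shares the same extension.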
