Skip to content

OCSP_SIGNING_INFO Audit Event

Endi S. Dewata edited this page May 31, 2023 · 4 revisions

Overview

The OCSP_SIGNING_INFO audit event is generated when CA or OCSP subsystem is started to indicate which key is used to sign OCSP responses.

Examples

For host CA in CA subsystem, the event will look like the following:

[AuditEvent=OCSP_SIGNING_INFO][SubjectID=$System$][Outcome=Success][SKI=B4:D3:3D
:4A:94:D7:A8:AD:65:E2:2B:F1:C5:49:EF:7B:2B:D5:62:93] OCSP signing info

For lightweight sub-CA in CA subsystem, the event will include the authority ID:

[AuditEvent=OCSP_SIGNING_INFO][SubjectID=$System$][Outcome=Success][SKI=5C:A8:93
:F7:73:08:0D:41:A6:99:89:34:F9:BE:F1:6E:0D:7C:D4:21][AuthorityID=f6276562-a11c-4
a68-b752-2679b2a40962] OCSP signing info

For OCSP subsystem, the event will look like the following:

[AuditEvent=OCSP_SIGNING_INFO][SubjectID=$System$][Outcome=Success][SKI=B4:D3:3D
:4A:94:D7:A8:AD:65:E2:2B:F1:C5:49:EF:7B:2B:D5:62:93] OCSP signing info
Clone this wiki locally