Software to improve the speed and security of OCSP validation.
Responses are served at the front-end by an Nginx module. A single instance can serve over one billion responses per day.
Entirely written in C with no Java or back-end database required. Very low memory footprint.
OCSP responses are produced in batch at pre-determined intervals.
Once produced, responses are uploaded to the front-end, Nginx based repeater.
OCSP requests are never routed to the backend OCSP signer/HSM.
Capable of handling all types of request.
Requests using GET or POST.
Requests with a nonce.
Supports responses for unknown (not issued) certificates.
Latest RFC support.