https://www.pistack.xyz/tags/ocsp/ Recent content in Ocsp on Pi Stack Hugo en-us Wed, 06 May 2026 00:00:00 +0000 https://www.pistack.xyz/posts/2026-05-06-self-hosted-ocsp-responder-certificate-revocation-cfssl-smallstep-ejbca-crl/ Wed, 06 May 2026 00:00:00 +0000 https://www.pistack.xyz/posts/2026-05-06-self-hosted-ocsp-responder-certificate-revocation-cfssl-smallstep-ejbca-crl/ <p>Certificate revocation is one of the most overlooked aspects of self-hosted PKI infrastructure. When a TLS certificate is compromised, expired, or issued in error, the certificate authority must provide a mechanism for clients to verify that the certificate is no longer trusted. Without proper revocation checking, compromised certificates remain valid until their natural expiration date — potentially months or years.</p>