Download the PHP package ocsp/responder without Composer
On this page you can find all versions of the php package ocsp/responder. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download ocsp/responder
More information about ocsp/responder
Files in ocsp/responder
Package responder
Short Description Library implement an Online Certificate Status Protocol (OCSP) responder
License MIT
Homepage https://github.com/bseddon/ocsp-responder/
FAQ
Example:
In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
- Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
- To use Composer is sometimes complicated. Especially for beginners.
- Composer needs much resources. Sometimes they are not available on a simple webspace.
- If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
- Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Informations about the package responder
OCSP Responder
This project is a PHP implementation of RFC 6960 to respond to X509 certificate checking by clients. Example interfaces are provided to show how certificate status can be based on a JSON file store, an OpenSSL certificate database file and a MySQL table.
Use case
The purpose of this responder is validate certificates you have created for clients that trust you. For example, you might have an application that allows a user to sign an Xml document using an X509 so consumers of that document are able to verify the data contained in the Xml document has not been modified. Although the Xml document is signed by your application for your client, how does a consumer of a signed Xml document know the certificate used is valid? The consumer can ask you to confirm the certificate used to sign a document is valid and not revoked by requesting an OCSP response from you, the author of the application used to sign the Xml document.
Non-use case
The target use of this responder is not to get browsers to recognise certificates you generate. Browsers include a bundle of certificates from well-known root certificate authorities such as Digicert,Let's Encrypt and others. Although the responder will generate a valid response if asked by a browser, unless your CA certificate is signed by a well-known root certificate authority or a recognized intermediary. That is, the browser will not validate certificates you create and sign if your certificate chain does not end at a well-known root certificate authority.
Requirements
- Any HTTP server suitable for running PHP scripts.
- PHP version 7.3 or higher
Source
This project is based on https://github.com/xperseguers/ocsp-responder which in turn is based on libpkix-asn1-php_1.0-6_all.deb available on http://pki.cesnet.cz/sw/ocsp. Unlike these implementations that return pre-prepared responses (where do the responses come from?) it will generate an appropriate response based on information in a certificate store of some kind.
Dependency
OCSP requests and responses take the form of DER encoded stream of ASN.1 tokens. The code used to parse and write ASN.1 is in this OCSP request repository.
Use
See the wiki for details on how to setup a test CA and use this responder code.
Install
Use the composer command to get the most recent stable version, create a folder and open a command window then type:
To work at the bleeding edge, create a folder and open a command window then first create a file called composer.json with this content:
Then enter the command:
