Configure Data Input - Direct SCVP Interface

The Direct SCVP Interface enables you to configure how individual SCVP responses are created. The Direct SCVP Interface is the Validation Authority built-in SCVP responder, which allows Validation Authority to directly service SCVP requests (both DPD and DPV), rather than using a Validation Responder to service SCVP requests.

1. On the Configuration page, click configure Direct SCVP Interface.

   

2. Select the Enabled option to enable the Direct SCVP Interface. By default, this option is not selected.

3. Select the Dynamic Path Discovery option to allow CA certificates and CRLs that are part of a discovered path but are not already registered in Validation Authority to be dynamically retrieved (if available) and registered in Validation Authority.

   In order for CRLs to be dynamically registered, you must send a request with:

   Copy

   id-stc-build-status-checked-pkc-path OID "1.3.6.1.5.5.7.17.3"

   Refer to RFC 5055.

4. In the Max Path Depth field, specify the maximum number of CA certificates that may be dynamically retrieved for an SCVP request.

   If a path has more than this many CAs, then path discovery will fail. This setting is not applicable if DPD is disabled.

5. Select the Dynamic Data Source Registration option to automatically register data sources for dynamically discovered CA certificates and CRLs.

   When selected, dynamically discovered CA certificates and CRLs will be updated when the data sources job runs.

6. Once you have made the desired changes, click Update Configuration to save your changes.

   Alternatively, click Revert Changes to discard your changes and revert to the previously saved settings.