Set Up an Online Responder
Applies To: Windows Server 2008, Windows Server 2012
An Online Responder can be installed on any computer running Windows ServerĀ® 2008 Enterprise or Windows Server 2008 Datacenter. The certificate revocation data can come from a certification authority (CA) on a computer running Windows Server 2008, a CA on a computer running Windows Server 2003, or from a non-Microsoft CA.
Note
Internet Information Services (IIS) must also be installed on this computer before the Online Responder can be installed.
The following procedure can be used if none of the Active Directory Certificate Services (AD CS) role services (such as a CA) have been installed on this computer.
Membership in local Administrators, or equivalent, is the minimum required to complete this procedure. For more information about administering a public key infrastructure (PKI), see Implement Role-Based Administration.
To install the Online Responder service
Click Start, point to Administrative Tools,and then click Server Manager.
Click Manage Roles. Under Active Directory Certificate Services, click Add role services. If a different AD CS role service has already been installed on this computer, select the Active Directory Certificate Services check box in the Role Summary pane, and then click Add role services.
On the Select Role Services page, select the Online Certificate Status Protocol check box.
A message appears explaining that IIS and Windows Activation Service (WAS) must also be installed to support OCSP.
Click Add required role services, and thenclick Next three times.
On the Confirm Installation Options page, click Install.
When the installation is complete, review the status page to verify that the installation was successful.
Additional considerations
- Before an Online Responder can be used, you must also create a revocation configuration. See Creating a Revocation Configuration.