15Şub
Exposing ADCS OCSP on the Public Internet
I am building a Certificate Authority using Windows Server ADCS as a 'Standalone' CA but my application would be greatly improved if I can utilise OCSP.
Is the ADCS Online Responder Role Service appropriate to be exposed on the public internet? Are there any best-practices to harden it, and reduce it's attacker surface, for this use-case?