TL;DR — Résumé Rapide
What is: — explained with examples. What is: O nline C ertificate S tatus P rotocol (OCSP) Extensions from Microsoft
Note : Cet article a été publié à l’origine en 2014. Certaines étapes, commandes ou versions de logiciels ont pu changer. Consultez la documentation actuelle de Microsoft pour les informations les plus récentes.
Oui, ocsp.msocsp.com est tout à fait sûr. C’est un domaine Microsoft légitime utilisé pour valider l’état de sécurité des certificats numériques sur les systèmes Windows.
Si votre pare-feu d’entreprise ou votre logiciel de surveillance réseau (comme PfSense, Fortinet ou Wireshark) vous alerte d’un trafic constant vers http://ocsp.msocsp.com, ne le bloquez pas. Le blocage de ce domaine peut faire échouer les mises à jour Windows, les installations Office ou les sites Web chiffrés lors de leurs vérifications de sécurité.
Cet article explique ce que fait ce point de terminaison et pourquoi il est important pour votre environnement.
What is: http://ocsp.msocsp.com?
MS-OCSP stands for “O nline C ertificate S tatus P rotocol (OCSP) Extensions” from Microsoft. Although this might seem a bit daunting the plain english version of that isn’t: “Microsoft publishes Open Specifications documentation for protocols, file formats, languages, standards as well as overviews of the interaction among each of these technologies.” This is a protocol extension provided by Microsoft to check on the Certificate Status. Performing a whois on the domain name confirms this is a domain owned by Microsoft so it is considered safe. If your firewall software is notifying you of connections to ocsp.msocsp.com you can relax. I am including below the WhoIs information at the date of publishing confirming it is a Microsoft domain.
Some of the URLs you might encounter include:
http://ocsp.msocsp.com/MFQwUjBQME4wTDAJBgUrDgMCGgUABBQmECJms4f7i5EbxtN7NbzQCBwAdAQUUa8kJpz0aCJXgCYrO0ZiFXsezKUCE1oAAEM52uIyBv92B7sAAQAAQzk%3D http://ocsp.msocsp.com/MFQwUjBQME4wTDAJBgUrDgMCGgUABBSfAP5wz6TZE9AhTecbrorIUEieTwQU3Igt2WxNPQB…
Whois for MSOCSP.Com:
Domain Name: MSOCSP.COM Registrar: MARKMONITOR INC. Whois Server: whois.markmonitor.com Referral URL: https://www.markmonitor.com Name Server: NS1.MSFT.NET Name Server: NS2.MSFT.NET Name Server: NS3.MSFT.NET Name Server: NS4.MSFT.NET Name Server: NS5.MSFT.NET Status: clientDeleteProhibited Status: clientTransferProhibited Status: clientUpdateProhibited Updated Date: 20-jan-2014 Creation Date: 20-jan-2014 Expiration Date: 20-jan-2015 Domain Name: msocsp.com Registry Domain ID: 1843565191_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.markmonitor.com Registrar URL: https://www.markmonitor.com Updated Date: 2014-10-15T07:09:26-0700 Creation Date: 2014-01-20T10:25:22-0800 Registrar Registration Expiration Date: 2015-01-20T10:25:22-0800 Registrar: MarkMonitor, Inc. Registrar IANA ID: 292 Registrar Abuse Contact Email: abusecomplaints@markmonitor.com Registrar Abuse Contact Phone: +1.2083895740 Domain Status: clientUpdateProhibited Domain Status: clientTransferProhibited Domain Status: clientDeleteProhibited Registry Registrant ID: Registrant Name: Domain Administrator Registrant Organization: Microsoft Corporation Registrant Street: One Microsoft Way, Registrant City: Redmond Registrant State/Province: WA Registrant Postal Code: 98052 Registrant Country: US Registrant Phone: +1.4258828080 Registrant Phone Ext: Registrant Fax: +1.4259367329 Registrant Fax Ext: Registrant Email: domains@microsoft.com Registry Admin ID: Admin Name: Domain Administrator Admin Organization: Microsoft Corporation Admin Street: One Microsoft Way, Admin City: Redmond Admin State/Province: WA Admin Postal Code: 98052 Admin Country: US Admin Phone: +1.4258828080 Admin Phone Ext: Admin Fax: +1.4259367329 Admin Fax Ext: Admin Email: domains@microsoft.com Registry Tech ID: Tech Name: MSN Hostmaster Tech Organization: Microsoft Corporation Tech Street: One Microsoft Way, Tech City: Redmond Tech State/Province: WA Tech Postal Code: 98052 Tech Country: US Tech Phone: +1.4258828080 Tech Phone Ext: Tech Fax: +1.4259367329 Tech Fax Ext: Tech Email: msnhst@microsoft.com Name Server: ns4.msft.net Name Server: ns1.msft.net Name Server: ns5.msft.net Name Server: ns3.msft.net Name Server: ns2.msft.net
Articles Connexes
- 80244019 Windows update encountered an unknown error
- [](/communication-with-the-underlying-transaction-manager-has-failed/)
- DNS error while browsing top level domains like .com.mx or .com.uk
- Exchange Edge 2010: 451 4.4.0 DNS query failed