PHPackages ocsp/responder - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. ocsp/responder ActiveLibrary[Security](/categories/security) ocsp/responder ============== Library implement an Online Certificate Status Protocol (OCSP) responder 0.9.7(4y ago)31.4k↓18.2%2[1 issues](https://github.com/bseddon/ocsp-responder/issues)MITPHPPHP >=5.5.9 Since Jun 9Pushed 4y ago1 watchersCompare [ Source](https://github.com/bseddon/ocsp-responder)[ Packagist](https://packagist.org/packages/ocsp/responder)[ Docs](https://github.com/bseddon/ocsp-responder/)[ RSS](/packages/ocsp-responder/feed)WikiDiscussions main Synced 1mo ago READMEChangelog (1)Dependencies (1)Versions (8)Used By (0) OCSP Responder ============== [](#ocsp-responder) This project is a PHP implementation of [RFC 6960](https://datatracker.ietf.org/doc/html/rfc6960) to respond to X509 certificate checking by clients. Example interfaces are provided to show how certificate status can be based on a JSON file store, an OpenSSL certificate database file and a MySQL table. ### Use case [](#use-case) The purpose of this responder is validate certificates you have created for clients that trust you. For example, you might have an application that allows a user to sign an Xml document using an X509 so consumers of that document are able to verify the data contained in the Xml document has not been modified. Although the Xml document is signed by your application for your client, how does a consumer of a signed Xml document know the certificate used is valid? The consumer can ask you to confirm the certificate used to sign a document is valid and not revoked by requesting an OCSP response from you, the author of the application used to sign the Xml document. ### Non-use case [](#non-use-case) The target use of this responder is not to get browsers to recognise certificates you generate. Browsers include a bundle of certificates from well-known root certificate authorities such as Digicert,Let's Encrypt and others. Although the responder will generate a valid response if asked by a browser, unless your CA certificate is signed by a well-known root certificate authority or a recognized intermediary. That is, the browser will not validate certificates you create and sign if your certificate chain does not end at a well-known root certificate authority. ### Requirements [](#requirements) - Any HTTP server suitable for running PHP scripts. - PHP version 7.3 or higher ### Source [](#source) This project is based on which in turn is based on libpkix-asn1-php\_1.0-6\_all.deb available on . Unlike these implementations that return pre-prepared responses (where do the responses come from?) it will generate an appropriate response based on information in a certificate store of some kind. ### Dependency [](#dependency) OCSP requests and responses take the form of DER encoded stream of [ASN.1](http://luca.ntop.org/Teaching/Appunti/asn1.html) tokens. The code used to parse and write ASN.1 is in this [OCSP request](https://github.com/bseddon/ocsp) repository. ### Use [](#use) See the [wiki](https://github.com/bseddon/ocsp-responder/wiki) for details on how to setup a test CA and use this responder code. ### Install [](#install) Use the **composer** command to get the most recent stable version, create a folder and open a command window then type: `composer require ocsp/responder` To work at the bleeding edge, create a folder and open a command window then first create a file called composer.json with this content: ``` { "minimum-stabilty": "dev" } ``` Then enter the command: `composer require ocsp/responder=dev-main` ### Health Score 25 — LowBetter than 37% of packages Maintenance13 Infrequent updates — may be unmaintained Popularity26 Limited adoption so far Community9 Small or concentrated contributor base Maturity41 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~18 days Recently: every ~25 days Total 7 Last Release 1695d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/d205a6428422f437de21d40def300c0558d946acaadc1f67a5e2faae4e7f3801?d=identicon)[bseddon](/maintainers/bseddon) --- Top Contributors [![bseddon](https://avatars.githubusercontent.com/u/1221824?v=4)](https://github.com/bseddon "bseddon (43 commits)") --- Tags requesthttpschecksecuritycertificaterevocationocsprevokerevokedonline certificate status protocolrfc6069 ### Embed Badge ![Health badge](/badges/ocsp-responder/health.svg) ``` [![Health](https://phpackages.com/badges/ocsp-responder/health.svg)](https://phpackages.com/packages/ocsp-responder) ``` ### Alternatives [mlocati/ocsp Library to query HTTPS Certificates revocation status using the Online Certificate Status Protocol (OCSP) 40754.7k2](/packages/mlocati-ocsp)[kelunik/acme ACME library written in PHP. 121603.9k3](/packages/kelunik-acme)[acmephp/core Raw implementation of the ACME protocol in PHP 38973.7k7](/packages/acmephp-core)[spatie/ssl-certificate-chain-resolver SSL certificate chain resolver 3069.6k](/packages/spatie-ssl-certificate-chain-resolver)[kelunik/acme-client Let's Encrypt / ACME client written in PHP for the CLI. 3933.9k1](/packages/kelunik-acme-client)[acmephp/ssl PHP wrapper around OpenSSL extension providing SSL encoding, decoding, parsing and signing features 141.2M4](/packages/acmephp-ssl) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)