phimath PKI
The phimath PKI consists of multiple layers of certification authorities.
phimath Root CA
The Root CA is an offline certification authority. Being separated from any network allows for maximum protection of the private keys and all issued subordinate certification authorities.
Because issued certificates are usually valid for at least one year, the Root CA does not have an Online Certificate Status Protocol (OCSP) Responder.
phimath Intermediate CA
The Intermediate CA is an online certification authority. It issues certificates for all principals (i.e. users, webservers, computers, etc.) in the domains phimath.de and phimath.local, including all subdomains.
In contrast to the Root CA, the Intermediate CA does have an Online Certificate Status Protocol (OCSP) Responder. You can access the OCSP Responder at http(s)://pki.phimath.de/ocsp.