This script is used to generate certificates used by ocspd. Some steps to run (only once - before all OCSP testing): 1. Edit security/nss/tests/chains/scenarios/scenarios to have there only ocspd.cfg 2. Set environment variable to run only chains tests: export NSS_TESTS=all.sh 3. Run tests: ./all.sh 4. Go to results directory: cd tests_results/security/${HOST}.${ID}/chains 5. Copy ocspd-certs.sh and ocspd.conf.template to this directory 6. Run: ./ocspd-certs.sh OCSPD ${OCSPD_ETC_DIR} ${LIBPKIX_CERTS_DIR}: Example: ./ocspd-certs.sh OCSPD /export/iopr/openca-ocsp-responder/etc/ocspdPKIX \ ~/nss/securitytip/mozilla/security/nss/tests/libpkix/certs 7. Copy config files and keys/certs/crls to ocspd etc directory: cp *.conf /Volumes/dochinups.red.iplanet.com/openca-ocsp-responder/etc/ocspdPKIX cp *.pem *.key /Volumes/dochinups.red.iplanet.com/openca-ocsp-responder/etc/ocspdPKIX/OCSPD 8. Start ocsp deamons on dochinups (for all configs).