I am setting up a 2012 R2 PKI. Going with an offline standalone Root with an enterprise issuing CA. This is how I'd like to configure OSCP if possible & supported.
Build an OSCP array. Members will be in different sites. One in each office, one in the data center, and one in the DR data center. They will all be online 24x7. Host names are oscp1.company.com, oscp2.company.com, etc.
I want to create four A records in DNS for OSCP.company.com. One with each host's IP address.
The reason behind this is setting up the AIA extension. If I need to add a new online responder, I don't want to have to re-issue certificates so everyone can use it.
Will this work?