Opened 11 years ago
Closed 11 years ago
#10865 closed enhancement (duplicate)
Webpositive doesn't check for revoked certificates
Reported by: | xray7224 | Owned by: | pulkomandy |
---|---|---|---|
Priority: | normal | Milestone: | |
Component: | Applications/WebPositive | Version: | R1/Development |
Keywords: | tls, ssl, certificate, revocation | Cc: | |
Blocked By: | #6493 | Blocking: | |
Platform: | All |
Description
Webpositive should check if a TLS/SSL certficate has been revoked. It would be good if there was a drop down option to select between "hard fail", "soft fail" and "disabled". Those being:
hard fail: if CRL/OCSP list is down it'll assmue it's revoked. soft fail: if the CLR/OSCP list is down then it'll trust it. disabled: No certificate revocation checking will occur.
I think that hard fail should be the default as it's the safest option and from my experiance the CRL/OSCP lists rarely are unavailable.
Change History (1)
comment:1 by , 11 years ago
Blocked By: | 6493 added |
---|---|
Resolution: | → duplicate |
Status: | new → closed |
Note:
See TracTickets
for help on using tickets.
This is already tracked in #6493, although the ticket summary there is out of date.