Opened 9 years ago
Closed 9 years ago
#10865 closed enhancement (duplicate)
Webpositive doesn't check for revoked certificates
|Reported by:||xray7224||Owned by:||pulkomandy|
|Keywords:||tls, ssl, certificate, revocation||Cc:|
Webpositive should check if a TLS/SSL certficate has been revoked. It would be good if there was a drop down option to select between "hard fail", "soft fail" and "disabled". Those being:
hard fail: if CRL/OCSP list is down it'll assmue it's revoked. soft fail: if the CLR/OSCP list is down then it'll trust it. disabled: No certificate revocation checking will occur.
I think that hard fail should be the default as it's the safest option and from my experiance the CRL/OSCP lists rarely are unavailable.
Change History (1)
comment:1 by , 9 years ago
|Blocked By:||6493 added|
|Status:||new → closed|
Note: See TracTickets for help on using tickets.
This is already tracked in #6493, although the ticket summary there is out of date.