PNS supports the following two solutions from the available methods for the verification of certificate revocation state:
Certificate Revocation Lists (CRLs)
Online Certificate Status Protocol (OCSP) stapling
Both methods are available for client- and server-side verifications as well in encryption policies.
When setting up and performing revocation checking, the encryption policies do not separate the two methods. If revocation checking is enabled, then PNS attempts to gain valid revocation information using both methods and uses any valid result.
© 2021 BalaSys IT Security.
Send your comments to support@balasys.hu