Information:

Environment

  • Online Certificate Status Protocol (OCSP) - RFC 2560
  • Certificate Revocation List (CRL) - RFC 3280
  • Internet Explorer browser
  • Firefox browser
  • Chrome browser

 

 

Solution

Internet Explorer

Internet Explorer versions 7 and later on Windows Vista and later Windows versions supports OCSP checking.

For details about OCSP and CRL, go to https://blogs.msdn.microsoft.com/ieinternals/2011/04/07/understanding-certificate-revocation-checks/.


Firefox

Firefox supports OCSP. It is enabled by default.

To review the setting:

  1. In a Firefox browser window, open a new tab, type about:config in the address bar, and press Enter.
  2. Search for Security.OCSP.

The default value for Security.OCSP.enabled is 1 = enabled.

As of Firefox 28, CRL is deprecated in favor of OCSP.

Chrome

In the Chrome browser, OCSP checks and CRL are disabled by default. Chromes uses its own update mechanism for certificate checks.

 

 

 

 

  • No labels