property AllowLoadCRLByHttp: boolean; default True;

 

Description

Determines whether a certificate revocation list (CRL) will be loaded from an HTTP resource during the TLS/SSL handshake when starting a new session if the required CRL was not found in the current storage.

CRL is used to verify whether the server certificate is valid and has not been revoked by the user. When verifying the validity of an SSL certificate, CRL is searched for in the current storage based on the identifier contained in the certificate itself. If the CRL is not available in the current storage, it can be retrieved from an HTTP resource.

Set AllowLoadCRLByHttp to True to allow a download of a CRL list from a URI.

Set AllowLoadCRLByHttp to False to disable a download of a CRL list from a URL. If no CRL was found, the TLS server is considered invalid, and the session is closed.

If you do not want to check the revocation status of an SSL certificate, use the DisableCRLValidation property.

The default value is True.

 

See Also

DisableCRLValidation

 

SecureBridge Components, Copyright © 2007-2021 Devart. All Rights Reserved. Provide Feedback Visit Forum Request Support