property AllowLoadCRLByHttp: boolean; default True;
Description
Determines whether a certificate revocation list (CRL) will be loaded from an HTTP resource during the TLS/SSL handshake when starting a new session if the required CRL was not found in the current storage.
CRL is used to verify whether the client certificate is valid and has not been revoked by the user. When verifying the validity of an SSL certificate, CRL is searched for in the current storage based on the identifier contained in the certificate itself. If the CRL is not available in the current storage, it can be retrieved from an HTTP resource.
Set AllowLoadCRLByHttp to True to allow a download of a CRL list from a URI.
Set AllowLoadCRLByHttp to False to disable a download of a CRL list from a URL. If no CRL was found, the TLS client is considered invalid, and the session is closed.
If you do not want to check the revocation status of an SSL certificate, use the DisableCRLValidation property.
The default value is True.
See Also