Verify certificate revocation [New in Security Center 1.3]
The com.glide.communications.httpclient.verify_revoked_certificate property checks certificate revocation during the Transport Layer Security (TLS) handshake to ensure that security checks are not bypassed.
If com.glide.communications.httpclient.verify_revoked_certificate is not set to the recommended value of true, certificate revocation is not checked during the TLS handshake. TLS encrypts data sent over the Internet so that bad actors cannot see sensitive information such as passwords or credit card numbers. Skipping the revocation check is a security risk because an attacker holding a revoked certificate can present it in place of a valid one and still be trusted, which breaks public key infrastructure (PKI) and digital certificate trust.
More information
| Attribute | Description |
|---|---|
| Configuration name | com.glide.communications.httpclient.verify_revoked_certificate |
| Configuration type | System Properties (/sys_properties_list.do) |
| Data type | Boolean |
| Recommended value | true |
| Default value | true |
| Category | Communications |
| Security risk | |
| Dependencies and prerequisites | None |
| Functional impact | This property should be set to true to ensure that a Transport Layer Security (TLS) session is started with an authentic endpoint. If this property is set to false, then the certificate is not checked, which could compromise the security of the instance. |
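
The effect of a revocation check can be reproduced outside the platform. The following is an added example, not ServiceNow code: it uses the OpenSSL command line rather than the instance's HTTP client, and the throwaway CA, the `example.test` names and the `revocation_demo` function are constructed for the illustration. It shows that a revoked certificate still passes chain validation until the CRL is consulted.

```shell
#!/bin/sh
# Added illustration: validate a revoked certificate with and without a CRL check.
# All keys, names and files are constructed in a temporary directory.
revocation_demo() {
  work=$(mktemp -d) || return 2
  (
    cd "$work" && mkdir newcerts && : > index.txt && echo 01 > serial || exit 2
    cat > ca.cnf <<'EOF'
[ req ]
prompt = no
distinguished_name = dn
x509_extensions = v3_ca
[ dn ]
CN = Demo Root CA
[ v3_ca ]
basicConstraints = critical,CA:TRUE
[ ca ]
default_ca = demo
[ demo ]
database = index.txt
new_certs_dir = newcerts
serial = serial
default_md = sha256
default_days = 30
default_crl_days = 7
policy = pol
[ pol ]
commonName = supplied
EOF
    {
      # Self-signed demo root, then two endpoint certificates issued by it.
      openssl req -x509 -config ca.cnf -newkey rsa:2048 -nodes -keyout ca.key -out ca.pem -days 30 &&
      for n in good revoked; do
        openssl req -config ca.cnf -newkey rsa:2048 -nodes -subj "/CN=$n.example.test" \
          -keyout "$n.key" -out "$n.csr" &&
        openssl ca -batch -config ca.cnf -cert ca.pem -keyfile ca.key -in "$n.csr" -out "$n.pem" || exit 2
      done &&
      # Revoke one certificate and publish a CRL that lists it.
      openssl ca -config ca.cnf -cert ca.pem -keyfile ca.key -revoke revoked.pem &&
      openssl ca -config ca.cnf -cert ca.pem -keyfile ca.key -gencrl -out ca.crl
    } >/dev/null 2>&1 || exit 2
    check() { openssl verify "$@" >/dev/null 2>&1 && echo accepted || echo rejected; }
    echo "revoked cert, revocation not checked: $(check -CAfile ca.pem revoked.pem)"
    echo "revoked cert, CRL checked: $(check -crl_check -CAfile ca.pem -CRLfile ca.crl revoked.pem)"
    echo "good cert, CRL checked: $(check -crl_check -CAfile ca.pem -CRLfile ca.crl good.pem)"
  )
  rc=$?; rm -rf "$work"; return "$rc"
}
revocation_demo
```

The first line of output corresponds to the property set to false: the signature chain alone cannot tell a revoked certificate from a valid one.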