Verify certificate revocation

  • Release version: Australia
  • Updated March 12, 2026
  • 1 minute to read

    • The com.glide.communications.httpclient.verify_revoked_certificate property checks certificate revocation during the Transport Layer Security (TLS) handshake to ensure that security checks are not bypassed.

    If the com.glide.communications.httpclient.verify_revoked_certificate system property isn't configured to the recommended value of true, certificate revocation checks will be skipped during the TLS handshake.

    Ensure the property com.glide.communications.httpclient.verify_revoked_certificate is set to true.

    More information

    Attribute Description
    Configuration name com.glide.communications.httpclient.verify_revoked_certificate
    Configuration type System Properties (/sys_properties_list.do)
    Data type Boolean
    Recommended value true
    Default value true
    Category Communications
    Security risk
    • Severity score: 6.5
    • CVSS score: Medium
    • Security risk details: This omission undermines a critical security control, potentially allowing an attacker to use a revoked certificate without detection. As a result, it compromises the integrity of the Public Key Infrastructure (PKI) and the trust model that underpins secure web communications.
    Dependencies and prerequisites None
    Functional impact This property should be set to true to ensure that a Transport Layer Security (TLS) session is started with an authentic endpoint. If this property is set to false, then the certificate is not checked, which could compromise the security of the instance.