You set values in the locked.properties file to enable and configure smart card certificate revocation checking.

Properties for Smart Card Certificate Revocation Checking lists the locked.properties file properties for certificate revocation checking.

Properties for Smart Card Certificate Revocation Checking

Property

Description

enableRevocationChecking

Set this property to true to enable certificate revocation checking.

When this property is set to false, certificate revocation checking is disabled and all other certificate revocation checking properties are ignored.

The default value is false.

crlLocation

Specifies the location of the CRL, which can be either a URL or a file path.

If you do not specify a URL, or if the specified URL is invalid, View uses the list of CRLs on the user certificate if allowCertCRLs is set to true or is not specified.

If View cannot access a CRL, CRL checking fails.

allowCertCRLs

When this property is set to true, View extracts a list of CRLs from the user certificate.

The default value is true.

enableOCSP

Set this property to true to enable OCSP certificate revocation checking.

The default value is false.

ocspURL

Specifies the URL of an OCSP Responder.

ocspResponderCert

Specifies the file that contains the OCSP Responder's signing certificate. View uses this certificate to verify that the OCSP Responder's responses are genuine.

ocspSendNonce

When this property is set to true, a nonce is sent with OCSP requests to prevent repeated responses.

The default value is false.

ocspCRLFailover

When this property is set to true, View uses CRL checking if OCSP certificate revocation checking fails.

The default value is true.