-
It's a requirement that CRLs for Intermediate CAs have reason codes. Table 1.2.2 in the TLS BRs says "2020‐09‐30 7.2 and 7.3 All OCSP and CRL responses for Subordinate CA Certificates MUST include a m…
-
Hello, my friend
I'm learning about the TLS configuration for ClickHouse, but I can't find a configuration for certificate revocation, and I'm guessing it's not currently supported. So, do we have a …
-
We should look into testing the following if we don't already do:
- Certificate expiration
- Certificate chains
- OCSP
- Revocation
- Mismatching/insecure client/server cipher suites
-
When authenticating with a certificate, most of the User config data should be put in the x.509 cert.
Fields:
username
nick, or list of valid nicks(to be authenticated against which one is used w…
-
File: [/en_US/admin/cfg.md](https://www.emqx.io/docs/en/v5.0/admin/cfg.html)
Many scenarios require use of a OCSP or Revocation list for TLS client certificate. Now as OCSP or CRLs are not supporte…
-
*Description*:
Currently CRLs cannot be retrieved from a remote location by Envoys and must be vended to Envoys as secret configuration in the form of [inline bytes or a file location](https://www.en…
-
### Is your feature request related to a problem? Please describe.
Add support in AS3 for creating a dynamic CRL check in the SSL profiles (client and server). There is an AS3 class for checking ce…
-
Its possible that this is part of the SDK in which case I can transfer it over to the SDK repo but I'm getting a ton of logs that seem like theyre debug level. Context around queries isnt all that rel…
-
## Problem
As an IT admin, I'd like Fleet to orchestrate the lifecycle management of client certificates on my Linux hosts.
There are several parts to this request that might need to be …
-
I am trying to figure out if the libcoap library uses DTLS 1.2 or what exactly it uses. I verified from the libcoap code that the minimum version required is set to DTLS1_2_VERSION but what is it exa…