search cancel

Local application is sending HTTP request and getting a certificate revocation error ( CRL check )

book

Article ID: 175548

calendar_today

Updated On:

Products

Web Security.cloud

Issue/Introduction

You are using a local / in-house application which is sending HTTP request to URL and getting a certificate revocation error. The actual URL is already being bypassed both on the PAC file and the CSP/squid.conf.

 

 

"Revocation information for the security certificate for this site is not available. Do you want to proceed? Yes \ No \ View Certificate."

Environment

Web Security.cloud

Resolution

Accessing the URL via browser works fine and it is not possible to replicate the issue. Hence, the CRL check does not complete only when HTTP request is sent by the application.

As a workaround/solution, you may bypass the URL of the Certificate Authority where the CRL check is made.

1. Identify the CA by clicking on View Certificate ( e.g. Comodo )

2. Bypass the CRL URLs ( e.g. comodo.com and *.comodo.com  )