Your site may have a STIG (Security Technical Information Guide) that requires appliances to use the online certificate status protocol (OCSP).
The OCSP security feature can be enabled in the GUI in Settings -> Security. Scroll down to PKI and SSL. The feature "online certificate status protocol (OCSP)" is enabled in the "Perform certificate revocation check for Symantec" check box. You may also set the URL for OCSP in the "URL of Certificate Revocation List (CRL)" field as required by your site.