Disabling Certificate Revocation Checks

Article ID: 289058


Products

Carbon Black App Control (formerly Cb Protection)

Issue/Introduction

How to disable the certificate revocation OCSP requests to CRL locations

Environment

  • App Control Console: All Supported Versions
  • App Control Agent: All Supported Versions

Resolution

I. To disable revocation checks globally on ALL agents:

  1. On the App Control Console, click the Configuration (Gear) icon
  2. Click on the System Configuration page > Advanced Options tab
  3. Scroll down to the bottom > click the Edit button then find the Certificate Options:
    1. Initial Revocation Check > Set it to None (Do not perform certificate revocation checking)
      • Initial Revocation Checks run every time a new file is discovered; such checks can cause performance issues during agent initialization and software update cycles
    2. Background Revocation Check - it is NOT recommended to disable this unless the system is in an air-gapped environment with no network access to perform CRL requests
      • Background Revocation Checks run once every 24 hours with limited performance impact; it is recommended that the setting stays enabled and set to Network
      • If you really need to disable it, set it to Cache or None

II. To disable revocation checks Per-Policy or Per-Agent:

  1. Navigate to: https://ServerAddress/Agent_config.php
  2. Add the following Agent Configs:
    1. Disable Initial Revocation Checks:
      • Name: Disable Initial Revocation Checks
      • Host ID: 0 (or use a specific Host ID)
      • Value: cert_chain_flags=0x80000001
      • Platform: Windows
      • Create for: Apply it to Specific policies
      • Enable and Save it
    2. Disable Background Revocation Checks (it is NOT recommended to disable Background Revocation Checks unless the system is in an air-gapped environment with no network access to perform CRL requests):
      • Name: Disable Background Revocation Checks
      • Host ID: 0 (or use a specific Host ID)
      • Value: background_cert_chain_flags=0x80000001
      • Platform: Windows
      • Create for: Apply it to Specific policies
      • Enable and Save it

Additional Information

  • Network (0x28000001) - If revocation information is not locally available, then use the network to retrieve the revocation status of a certificate
  • Cache (0x8000005) - Use locally cached revocation status information when performing certificate revocation (the network will not be used)
  • None (0x8000001) - Do not perform certificate revocation checking
  • Keep in mind that certificate revocation is typically used in instances where the signing key has been compromised
  • With this option disabled, there will be no updated data if a certificate has been revoked, which could potentially expose the systems to malicious software
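As an added illustration (not from this article or from the App Control product), the Python below decodes the flag values listed above on the assumption that they are Windows CryptoAPI CertGetCertificateChain() dwFlags bits (constants from wincrypt.h), and audits constructed sample agent-config lines for values that remove network revocation checks. The function names `parse_flags`, `decode_flags`, `network_revocation_enabled` and `audit` are mine, and the CryptoAPI mapping is an assumption the article does not state.

```python
# Added example, not App Control code: decode a cert_chain_flags value into
# Windows CryptoAPI CertGetCertificateChain() dwFlags bits (wincrypt.h values).
# ASSUMPTION: the agent passes the value to CryptoAPI unchanged.
CHAIN_FLAG_NAMES = {
    0x00000001: "CERT_CHAIN_CACHE_END_CERT",
    0x00000004: "CERT_CHAIN_CACHE_ONLY_URL_RETRIEVAL",
    0x08000000: "CERT_CHAIN_REVOCATION_ACCUMULATIVE_TIMEOUT",
    0x10000000: "CERT_CHAIN_REVOCATION_CHECK_END_CERT",
    0x20000000: "CERT_CHAIN_REVOCATION_CHECK_CHAIN",
    0x40000000: "CERT_CHAIN_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT",
    0x80000000: "CERT_CHAIN_REVOCATION_CHECK_CACHE_ONLY",
}
# Any of these asks CryptoAPI to check revocation for part of the chain.
REVOCATION_CHECK_MASK = 0x10000000 | 0x20000000 | 0x40000000
# Either of these confines retrieval to the local cache (no network).
CACHE_ONLY_MASK = 0x80000000 | 0x00000004

def parse_flags(value):
    """Accept 42, '0x28000001' or 'cert_chain_flags=0x28000001'; return an int."""
    if isinstance(value, str):
        return int(value.split("=", 1)[-1].strip(), 16)
    return value

def decode_flags(value):
    """Return (named bits set in value, leftover bits not in the table)."""
    v = parse_flags(value)
    names = [name for bit, name in sorted(CHAIN_FLAG_NAMES.items()) if v & bit]
    return names, v & ~sum(CHAIN_FLAG_NAMES)

def network_revocation_enabled(value):
    """True only if revocation is requested and nothing pins it to the cache."""
    v = parse_flags(value)
    return bool(v & REVOCATION_CHECK_MASK) and not (v & CACHE_ONLY_MASK)

def audit(config_lines):
    """Report agent-config lines whose value removes network revocation checks."""
    findings = []
    for line in config_lines:
        key, _, val = line.partition("=")
        key, val = key.strip(), val.strip()
        if key in ("cert_chain_flags", "background_cert_chain_flags"):
            if not network_revocation_enabled(val):
                findings.append((key, val, decode_flags(val)[0]))
    return findings

if __name__ == "__main__":
    # Constructed sample: the three console options plus the per-policy value.
    for v in ("0x28000001", "0x8000005", "0x8000001", "0x80000001"):
        print(v, decode_flags(v)[0], "network:", network_revocation_enabled(v))
```

Feeding it the values from this article, only the Network setting (0x28000001) keeps a revocation-check bit without a cache-only bit; the other three never reach the network for revocation data.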