1

I want to check for the certificate revocation with the help of CRL. I am using CertPathValidator to validate the certificates. JSSE internally use URICertStore to fetch the CRL and caches it for 30 seconds.

Is there any way to increase this timeout so that there will be less number of network calls?

Ravindra12jan
  • 331
  • 2
  • 13
  • Your objective is rather fallacious. One connection per 30 seconds is nothing. – user207421 Apr 22 '21 at 05:06
  • We need to deploy 100s of Servers where we do revocation checking for agent certificates. We are expecting that the customers will have their own CA. So if there are 100s of servers then the CRL requests will be huge like 100 requests per 30 seconds. We thought of optimizing it. – Ravindra12jan Apr 22 '21 at 05:27
  • Have you managed to increase the CRL cache timeout? Any solution? – Vijay Kumar Apr 30 '22 at 09:07

0 Answers0