Closed
Disabling CRL (Certification Revocation List) checking
We are using Pega Platform 7.2.2 on Tomcat 8.5.15. We are making calls using SOAP Connectors over HTTPS as a client, but the server is presenting a certificate that has a CRLDP extension with an invalid URI. Is there a way to turn off CRL checking of a certificate within Pega? Tomcat has a crlFile attribute that if not defined it should not check against a CRL, however, this doesn’t affect the Pega behaviour.
The error happens from the InvokeAxis2 activity, but the exception is thrown from “sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326) at sun.security.ssl.X509TrustManagerImpl.checkTrusted”. Are there any extension points within the Private API to modify behaviour of these classes?
Thanks.
To see attachments, please log in.