AnsweredAssumed Answered

How to validate user certificate using a CRL?

Question asked by Arun.Addepalli on Feb 13, 2017
Latest reply on Mar 21, 2018 by Prashant0384

We tried below options:

1. Thru Manage Certificates / Certificate Validations. In this case we are not seeing any attempt to validate user certs in ssg logs or audit logs. This doesn't seem to work as we do not have use cert in AD / LDAP and do not authenticate using entire cert.

2. Using combination of "Lookup Certificate" & "Validate Certificate" policy assertions. Is our understanding correct in assuming that Lookup Certificate assertion actually loads the user cert against the defined output variable name? This option is giving the below error:

 

Certificate CN=*****, DC=****, DC=***** validation (REVOCATION) failed with status: CANT_BUILD_PATH

Unable to build path for certificate CN=*****, DC=****, DC=***** : Unable to find valid certification path to requested target.

 

Any pointers to the right direction would be appreciated.

 

-arun

Outcomes