Forum Discussion
Kevin_Stewart
Nov 06, 2018Employee
Yes in BIG-IP v13.1 and above. You have three options in the server SSL profile:
- OCSP - performs OCSP stapling if available or direct OCSP query if the server certificate contains an OCSP responder URL in its AIA field.
- CRL File - revocation checking based on a locally-imported CRL file.
- CRL - uses the CRLDP attribute in the certificate to fetch a remote CRL.