Forum Discussion

DevendraJadhav's avatar
Icon for Nimbostratus rankNimbostratus
Jan 05, 2024

Server Certificate Revocation

Hi, how unchecking "Server Certificate Revocation" works for connecting Big IP Edge Client? User was facing issue, edge client stuck in "initilizaing" state... Your advice is appriciated.

3 Replies

  • Hi DevendraJadhav 

    You can use ISE as a RADIUS server for APM and then assign IPs from ISE.

    I think it should work as you expect.


  • These kinds of issues can be difficult to diagnose, because they rely so much on how the Windows behaves and the user's internet connection might be bad, or subject to filtering. Malware can also cause these symptoms.

    Edge Client has a lot of different components that make outbound HTTPS calls. Some of these use the Edge Client's built-in OpenSSL and some of them use Windows's SSL. Both Windows SSL and OpenSSL will check the certificate's status if the certificate says to. Sometimes clients running Edge Client are blocked from the Internet, wich may disallow them from performing such checks in various ways that lead to connection failures or delays.

    You can bypass this issue by using OCSP stapling , or using a cert that doesn't have an inaccessible OCSP URL or CRLDP.