Question

3
Replies
46
Views
gricr1 Member since 2013 3 posts
PEGA
Posted: 2 years ago
Last activity: 2 years 6 months ago
Closed

Disabling CRL (Certification Revocation List) checking

We are using Pega Platform 7.2.2 on Tomcat 8.5.15. We are making calls using SOAP Connectors over HTTPS as a client, but the server is presenting a certificate that has a CRLDP extension with an invalid URI. Is there a way to turn off CRL checking of a certificate within Pega? Tomcat has a crlFile attribute that if not defined it should not check against a CRL, however, this doesn’t affect the Pega behaviour.

The error happens from the InvokeAxis2 activity, but the exception is thrown from “sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326) at sun.security.ssl.X509TrustManagerImpl.checkTrusted”. Are there any extension points within the Private API to modify behaviour of these classes?

Thanks.

Data Integration Security
Moderation Team has archived post
Share this page LinkedIn