How to configure certificate revocation checking from the Java Control Panel?
This article applies to:
In order to enhance security, the certificate revocation checking feature has been enabled by default starting in Java 7 Update 25. Before Java will attempt to launch a signed application, the associated certificate will be validated to ensure that it has not been revoked by the issuing authority. This feature has been implemented using both Certificate Revocation Lists (CRLs) and Online Certificate Status Protocol (OCSP) mechanisms.
Different options are available within the Java Control Panel to configure how the revocation checks are performed for the application you are trying to run.
Revocation options within the Java Control Panel
Perform Certificate revocation checks onBefore a signed applet or Java Web Start application is run, the certificate associated with the application will be checked to ensure it has not been revoked. If a certificate has been revoked, any application using that certificate is not allowed to run. This check can be disabled, but that is not recommended.
Options for certificate revocation checking:
Check for certificate revocation usingThe options indicate methods used to determine if a certificate has been revoked.
We think you might also be interested in: