Using Keychain Access - enable ocsp protocol
I would like to enable OCSP.
In keychain Access -> preferences -> certificaes I can enable the CRL or OCSP functionality.
The options available are:
- Off: No revocation checking will be performed.
- Best Attempt: The certificate passes unless an indication of a bad certificate is
returned from the server.
- Require if Cert Indicates: If the URL to the revocation server is provided in the
certificate, this setting requires a successful connection to a revocation server and no
indication of a bad certificate.
- Require for All Certs: This setting requires successful validation of all certificates. It is
most useful in a tightly controlled environment that guarantees the presence of a
CRL server or OCSP responder.
- Priority: Determines which method (OCSP or CRL) is attempted first. If the first
method chosen returns a successful validation, the second method is not attempted.
The problem is that the "Require if Cert Indicates" and "Require for All Certs" options are disabled and I do not know how to enable them.
Howto can I enable this options on keychain access?
Regards
Giovanni.
In keychain Access -> preferences -> certificaes I can enable the CRL or OCSP functionality.
The options available are:
- Off: No revocation checking will be performed.
- Best Attempt: The certificate passes unless an indication of a bad certificate is
returned from the server.
- Require if Cert Indicates: If the URL to the revocation server is provided in the
certificate, this setting requires a successful connection to a revocation server and no
indication of a bad certificate.
- Require for All Certs: This setting requires successful validation of all certificates. It is
most useful in a tightly controlled environment that guarantees the presence of a
CRL server or OCSP responder.
- Priority: Determines which method (OCSP or CRL) is attempted first. If the first
method chosen returns a successful validation, the second method is not attempted.
The problem is that the "Require if Cert Indicates" and "Require for All Certs" options are disabled and I do not know how to enable them.
Howto can I enable this options on keychain access?
Regards
Giovanni.
macbookpro, Mac OS X (10.5.5)