EldoS | Feel safer!

Software components for data protection, secure storage and transfer

CRL cache

Posted: 04/21/2012 01:24:33
by ingbabic  (Standard support level)
Joined: 09/27/2011
Posts: 114

Thank you very much.

I make following conclussion. Certificate validator tries to read location of CRL from certificate. It uses the one whichever it finds first. If that location is not available, it tries to find another and use that location. Once CRL is retrieved it is kept in local intenal cache in memory (global object) and stays there until object is disposed, or CRL is expired whichever occurs first. Any subseqent request for CRL is using CRL from cache and does not download it again.
Posted: 04/21/2012 09:20:02
by Eugene Mayevski (Team)

Yes, this is correct, with one addition: the CRL in the cache is identified by URL, so if you have HTTP and LDAP URLs that provide the same CRL, for CRL cache these are different CRLs.

Sincerely yours
Eugene Mayevski



Topic viewed 2870 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS business operates as a division of /n software, inc. For more information, please read the announcement.

Got it!