3.10.50. EAPTLS_OCSPStrict

This optional flag parameter specifies whether the Online Certificate Status Protocol (OCSP) check must complete successfully. It is used only with TLS-based EAP types, such as TLS, TTLS, and PEAP, that are configured to check client certificates.
When EAPTLS_OCSPStrict is set, the certificate check must be successful in all phases. Here are some examples of when the certificate check fails if EAPTLS_OCSPStrict is set:
  • EAPTLS_OCSPURI is not set and the certificate does not have an OCSP URI.
  • The OCSP responder is not responding.
  • The OCSP responder cannot be reached.
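
The following added example (not Radiator code) models the fail-closed decision described above so the three listed failure cases can be exercised offline. Assumptions: the function and responder names are hypothetical, the configured URI is tried before the certificate's own, and a non-strict check that cannot complete is treated as soft-fail.

```python
import socket
from enum import Enum

class Status(Enum):          # what an OCSP responder can say about a certificate
    GOOD = "good"
    REVOKED = "revoked"
    UNKNOWN = "unknown"

def undetermined(reason, strict):
    # Strict: a check that could not complete is a failure (fail closed).
    # Non-strict soft-fail is an assumption of this model, not stated on the page.
    return ("reject" if strict else "accept", reason)

def check_client_cert(cert_ocsp_uri, configured_uri, query, strict):
    """Decide accept/reject for a client certificate.

    cert_ocsp_uri  -- OCSP URI carried in the certificate, or None
    configured_uri -- value of EAPTLS_OCSPURI, or None
    query          -- callable(uri) -> Status; raises on network failure
    strict         -- True models EAPTLS_OCSPStrict being set
    """
    uri = configured_uri or cert_ocsp_uri   # precedence is an assumption
    if uri is None:
        return undetermined("no OCSP URI", strict)
    try:
        status = query(uri)
    except socket.timeout:                  # connected, but no answer in time
        return undetermined("responder not responding", strict)
    except OSError:                         # refused, no route, DNS failure
        return undetermined("responder unreachable", strict)
    if status is Status.REVOKED:
        return ("reject", "certificate revoked")   # rejected in either mode
    if status is Status.GOOD:
        return ("accept", "certificate good")
    return undetermined("status unknown", strict)

# Constructed responders standing in for real network behaviour.
def responder_good(uri): return Status.GOOD
def responder_revoked(uri): return Status.REVOKED
def responder_silent(uri): raise socket.timeout("no reply")
def responder_down(uri): raise ConnectionRefusedError("refused")

if __name__ == "__main__":
    uri = "http://ocsp.example.test"        # constructed URI
    for name, q in [("good", responder_good), ("silent", responder_silent),
                    ("down", responder_down)]:
        for strict in (True, False):
            print(name, strict, check_client_cert(uri, None, q, strict))
    print("no-uri", True, check_client_cert(None, None, responder_good, True))
```

In this model, the difference between the two modes shows up only when the revocation status cannot be determined; a revoked certificate is rejected either way.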