The client certificate revocation checking mode used when a client authenticates with a client certificate. Changes to this attribute are synchronized to HA mates via config-sync. The default value is "none". The allowed values and their meaning are:
"none" - Do not perform any certificate revocation checking.
"ocsp" - Use the Open Certificate Status Protcol (OCSP) for certificate revocation checking.
"crl" - Use Certificate Revocation Lists (CRL) for certificate revocation checking.
"ocsp-crl" - Use OCSP first, but if OCSP fails to return an unambiguous result, then check via CRL.
The client certificate revocation checking mode used when a client authenticates with a client certificate. Changes to this attribute are synchronized to HA mates via config-sync. The default value is
"none". The allowed values and their meaning are: