This is a Feature Request to allow SEMS administrators to be able to switch off certificate validity checks done via CRL (Certificate Revocation List) or OCSP (Online Certificate Status Protocol). Currently it's only possible to configure the checks to be done only via CRL or OCSP.
Some environments may be set up in a way that SEMS does not have the ability to send web traffic to the outside. Because of this, the server will not be able to do any successful certificate validation and side effects, such as Outlook freeze for a couple of seconds when opening e-mails signed by an S/MIME certificate, may be seen. The reason behind the freeze is that SEMS is trying to perform a CRL/OCSP check on the signing certificate, which will eventually fail after the check reaches a timeout.
A Feature Request has been submitted for allowing users to switch off CRL/OCSP certificate validity check on Encryption Management Server.
Symantec Corporation is committed to product quality and satisfied customers. Technical Support filed a Feature Request to add the functionality listed above. This Feature Request is currently being considered by Symantec Corporation to be addressed in a forthcoming version of the product.
There is no guaranteed date for this request from the Encryption Product Management team, or the Encryption Engineering team at this time. Please be sure to refer back to this article periodically as any changes to the status of the request will be reflected here. You can also subscribe to this article to receive notification when it is updated.
To have your organization added to the list of companies that desire this Feature Request, please contact technical support.
Subscribing will provide email updates when this Article is updated. Login is required.