Configure Certificate Revocation Checking (SSH Only)

When you use digital certificates to authenticate hosts, you can ensure that those certificates are valid by configuring certificate revocation checking. This feature checks the certificate revocation lists (CRLs) specified by the CRL Distribution Point (CDP) field of the certificate to determine whether the certificate has been revoked.

To enable CRL checking for a Secure Shell session

  1. With a session file open, choose Options > Settings.
  2. On the left, select Connection.
  3. On the General tab, click the Advanced button. This button is only available when a host name is specified.
  4. In the Reflection Secure Shell Settings dialog box, click the PKI tab.
  5. Select either Use OCSP or Use CRL.

    Note: If CRL checking is enabled in Internet Explorer (via the Check for server certificate revocation* option), Use CRL will be selected by default in all EXTRA! SSH sessions.

Your settings are saved to an SSH configuration scheme. CRL checking will be applied in all sessions that use this SSH configuration scheme.