|
Certificate host name must match host being contacted
|
Specifies whether host name matching is required when validating host certificates. When this setting is enabled (the default), the host name you configure in Reflection must exactly match one of the host names entered in either the CommonName or the SubjectAltName field of the certificate.
|
|
Use OCSP
|
Specifies whether Reflection checks for certificate revocation using (Online Certificate Status Protocol) responders when validating host certificates. OCSP responders may be specified in the AIA extension of the certificate itself. You can also specify OCSP responders using the OCSP tab in the Reflection Certificate Manager.
|
|
Use CRL
|
Specifies whether Reflection checks for certificate revocation using (Certificate Revocation Lists) when validating host certificates. CRLs may be specified in the CDP extension of the certificate itself. You can also specify CRL using the LDAP tab in the Reflection Certificate Manager.
Note: The default value of this setting is based on your current system setting for CRL checking. To view and edit the system setting, launch Internet Explorer, and go to Tools > Internet Options > Advanced. Under Security, look for Check for server certificate revocation.
|
|
Reflection Certificate Manager
|
Opens the Reflection Certificate Manager, which you can use to manage certificates in the Reflection stores and to specify PKI settings.
|
|
View System Certificates
|
Opens the Windows Certificate Manager, which you can use to manage certificates in your system stores.
|