VerifySignatureCertificateRevocation

IT Asset Management (Cloud)
Registry
Note: This setting is registry only, it is not possible to configure this setting from the command line.

VerifySignatureCertificateRevocation controls whether the signing certificate and intermediate certificate trust chain is checked against public certificate revocation lists. By default, this setting is enabled to ensure the maximum level of security against issues with certificates that need to be revoked. Since some agent environments may not or have access to, or are intentionally blocked, from Internet access, this setting can be disabled to skip certificate revocation checks. However, this will result in a degraded experience in the event a certificate needs to be revoked, and can result in an in-determinant gap between the time a certificate is revoked and a newly signed agent upgrade package is made available (though such a time period would be as minimal as possible). flxconfig contains additional logic built into it to provide a second level of revocation checking that does not require Internet access, but ultimately revocation is maintained by a public certificate authority.

Values

Values / range

Boolean (True or False)

Default value

True

Registry

Computer preference

[Registry]\ManageSoft\Configuration

IT Asset Management (Cloud)

Current