When you configure CRL checking, View reads a CRL to determine the revocation status of a smart card user certificate.

Before you begin

Familiarize yourself with the locked.properties file properties for CRL checking. See Smart Card Certificate Revocation Checking Properties.

Procedure

  1. Create or edit the locked.properties file in the SSL gateway configuration folder on the View Connection Server or security server host.

    For example: install_directory\VMware\VMware View\Server\sslgateway\conf\locked.properties

  2. Add the enableRevocationChecking and crlLocation properties to the locked.properties file.
    1. Set enableRevocationChecking to true to enable smart card certificate revocation checking.
    2. Set crlLocation to the location of the CRL. The value can be a URL or a file path.
  3. Restart the View Connection Server service or security server service to make your changes take effect.

locked.properties File

The file shown enables smart card authentication and smart card certificate revocation checking, configures CRL checking, and specifies a URL for the CRL location.

trustKeyfile=lonqa.key
trustStoretype=jks
useCertAuth=true
enableRevocationChecking=true
crlLocation=http://root.ocsp.net/certEnroll/ocsp-ROOT_CA.crl