Loading
Salesforce now sends email only from verified domains. Read More
Identify Your Users and Manage Access
Table of Contents
Filter by (0)Add
Select Filters

          No results
          No results
          Here are some search tips

          Check the spelling of your keywords.
          Use more general search terms.
          Select fewer filters to broaden your search.

            Search all of Salesforce Help
            Search all of Salesforce Help
            Validate the Revocation Status of User Authentication Certificates

            You are here:

            1. Salesforce Help
            2. Docs
            3. Identify Your Users and Manage Access

            Validate the Revocation Status of User Authentication Certificates

            Each time users log in with a certificate, you can validate its revocation status using the Online Certificate Status Protocol (OCSP) or Certificate Revocation Lists (CRL). With OCSP, Salesforce checks the revocation status of certificates in real time. If an OCSP status check fails, or a certificate isn’t configured for OCSP, Salesforce uses a CRL instead.

            Required Editions

            Available in: both Salesforce Classic and Lightning Experience in All editions
            User Permissions Needed
            To manage certificate-based-authentication: Manage Internal Users

            Before you enable revocation status checks, make sure that your uploaded user certificates contain OCSP or CRL endpoints. This setting prevents logins with certificates that don’t have valid endpoints or have a revoked status.

            1. From Setup, in the Quick Find box, enter Identity Verification, and then select Identity Verification.
            2. Select Check the revocation status of certificates.
            3. Save your changes.

            See Also

             
            Loading
            Salesforce Help | Article