Support Center > Search Results > SecureKnowledge Details
After upgrade, Remote Access/Mobile Access certificate validation stops working Technical Level
  • After upgrading a Remote Access VPN Gateway to R80.40/R81/R81.10, Certificate Validation for VPN clients stops working. Turning off CRL Checking from the trusted CA object resolves the issue.

  • SmartConsole logs may show failed login attempts with this description:
    OCSP: could not connect to server. 
    Make sure the server is up and
Starting with these Jumbo Hotfix Accumulator takes, certificate validation flow uses OCSP as the default revocation validation method. If OCSP URL is not available, certificate validation flow uses CRL as a secondary method.

Note: To view this solution you need to Sign In .