Support Center > Search Results > SecureKnowledge Details
After upgrade, Remote Access/Mobile Access certificate validation stops working Technical Level
Symptoms
  • After upgrading a Remote Access VPN Gateway to R80.40/R81/R81.10, Certificate Validation for VPN clients stops working. Turning off CRL Checking from the trusted CA object resolves the issue.

  • SmartConsole logs may show failed login attempts with this description:
    OCSP: could not connect to server. 
    Make sure the server is up and running.CN=example.test.com
Cause
Starting with these Jumbo Hotfix Accumulator takes, certificate validation flow uses OCSP as the default revocation validation method. If OCSP URL is not available, certificate validation flow uses CRL as a secondary method.

Solution
Note: To view this solution you need to Sign In .