In this TechNote, we take a look at Certificate Revocation options and discuss the protocols and tradeoffs when using. This focuses on securing the underlying infrastructure communication between Daml Application components.
- CRLs, OCSP, OCSP Stapling, Must-Staples, CRLSets
- Simple Java example to allow you to see the protocol in action in Wireshark
- How to enable OCSP revocation checking in the Daml Ledger API Server