Monday, April 4, 2011

Enable certificate checking on Mac OS X

My colleague Craig Watkins at Transcend, Inc. points out that not everyone has revocation enabled and provided a detailed explanation of how Mac OS users can enable this defense [...]

  To do this on Mac OS 10.6:

- Open Applications -> Utilities -> Keychain Access

- Under Keychain Access menu, select Preferences...
- Select the Certificates tab
- Set "Online Certificate Status Protocol (OCSP)" to 
  "Best Attempt"

- Set "Certificate Revocation List (CRL)" to "Best Attempt"
- Set "Priority" to "OCSP"

Posted via email from miner49r

No comments: