Cisco Bug: CSCvs31114 - Warning about not supported bypass revocation checking for FTD 6.5 and higher

Last Modified

Jul 16, 2020

Products (1)

  • Cisco Firepower Management Center

Known Affected Releases

6.5.0, 6.5.0.1

Description (partial)

Symptom:
The option to bypass revocation checking when the CRL or OCSP server cannot be reached was removed from FTD 6.5 (LINA 9.13).

If a certificate has this option enabled in the FMC GUI, the FMC pushes the certificate to the FTD without the option enabled on the CLI.

The FMC should display a warning about the unsupported option, because it may cause an outage if the revocation list is unreachable.

Conditions:
  • FTD is 6.5 or higher
  • The certificate has 'Consider the certificate valid if revocation information can not be reached' enabled