certAndCRLSignedBySamePrivateKey

This parameter, If set to true, instructs the certificate verification code to verify that the certificate and the CRLs (Certificate Revocation Lists) are signed by the same CA (Certificate Authority) private key. The default is false.

Certificate Authorities may use one private key to digitally sign certificates and CRLs, but CAs can also use separate private keys to digitally sign certificates and CRLs. This applies to SSL/TLS sessions only, and requires that the CRL be already present.

Value

  • true
  • false (Default)

Example

<param name="certAndCRLSignedBySamePrivateKey" value="true">