Hi, The following bug reports seems to indicate the OCSP validation code should permit clock skew when checking the validity of OCSP responses.
1. JDK-674888 (Bug - affected version 6u11) 2. JDK-2166696 (Backport - fixed version 6u10 (b32) 3. JDK-2186994 (Backport - fixed version OpenJDK6 (b18) 4. JDK-2166740 (Backport - fixed version 7 (b41)) I am using Java8, and would expect it to have all the above fixes. Changing the value of "deployment.security.validation.clockskew" has no impact on the OCSP certification validation. The certificate validation always defaults to 15 minutes. What configurable property (and what file) controls the OCSP validation clock skew? Any answer will be greatly appreciated! Thanks, Usha Seshadri Lockheed Martin, IS&GS 301-240-7496 [LM-logo]
