Oxford University Department of Biochemistry  
 
Help >
How-to Guides
In This Section:

Section Home
   

How-to Guides

How to turn on Certificate Revocation Checking

One consequence of the Heartbleed flaw is that there is a small risk that a fake website could be set up to successfully masquerade as a legitimate website, even if the legitimate website has correctly revoked its potentially compromised security certificate. The only way to guard against this risk is to turn on a rarely used feature of your browser, which checks whether a certificate has been revoked before accepting it.

This feature has been turned on automatically for users of Internet Explorer and Chrome on domain PCs. Firefox users, and those using non-domain computers, will have to make the change themselves. Details of how to do so can be found below.


Firefox

Firefox button | Options | Options | Advanced | Certificates | Validation

OR (if you have the Menu bar turned on)

Tools | Options | Advanced | Certificates | Validation

  • Use the Online Certificate Status Protocol (OCSP) to confirm the current validity of certificates - Tick
  • When an OCSP server connection fails, treat the certificate as invalid – Tick


Internet Explorer

Control Panel | Internet Options | Advanced   

  • Check for server certificate revocation - tick
  • Warn about certificate address mismatch - tick


Chrome

Chrome Menu | Settings | Advanced

  • Check for server certificate revocation - tick



Options for this page:

Search All Guides | Search How-to Guides Only | List How-to Guides | Search FAQs Only





Page Last Updated: 16/04/2014 by Jeremy Rowntree
© 2017 Department of Biochemistry
View Printer-friendly version of this page


   
 © 2017 University of Oxford   Webmaster Feedback Page Shortcuts: