NemID melder problemer med OCSP-tjenesten, hvilket kan give
certifikat valideringsfejl ved forsendelse.
Med venlig hilsenNemhandel Teamet
NemID has reported earlier today that the OCSP-service issue is resolved:
Best regardsNemhandel Team
What do you think, can we switch to CRL certificate revocation
validation meanwhile? We have a lot of pending orders to deliver via
Nemhandel because of this issue...
In Sproom we've been using CRL revocation check for years - and
we have not seen any problems recently. So, my guess is that this
could be a workaround for you, that will maybe even give more
stability and higher throughput in the longer run as well.
Of course it might be that CRL is also unstable right now, and
we just didn't notice, because we already have the cached list.
Thank you very much for your input! Very useful to know!
Looks like all our orders are delivered now - so "ustabil"
does not mean it does not work at all like previous time, but just
some requests fail, so next attempt to resend can succeed.
I remember that we switched to OCSP when CRL became quite big and
also more than one intermediate CA was introduced (so separate
Certificate Refocation Lists appeared), but good to know that it is