Do PCoIP Zero Clients check for certificate revocation of the server SSL certificate when starting a PCoIP session?

Rate this Article
No votes yet

July 3, 2020

Last modified: 08/01/2023, 8:15 am

Knowledge Base Article Advisory Security Zero Clients

The following points briefly describe the PCoIP Zero Client Online Certificate Status Protocol (OCSP) functionality when connecting to a VMware View Connection Server, PCoIP Connection Manager, HP Anyware PCoIP Agent or HP Anyware Connector.

  • PCoIP Zero Clients check for certificate revocation of the server certificate via the OCSP.

  • PCoIP Zero Clients do not use Certificate Revocation Lists (CRL).

  • The PCoIP Zero Client can utilize OCSP only if the OCSP responder URL is in the certificate. OCSP only does a best effort check, if the responder is unreachable for any reason, the certificate is assumed to be valid.

  • Certificates are rejected only if the OCSP responder says it\u2019s been revoked.

  • OSCP behavior is not configurable or modifiable because it is a required part of the VMware View security specification.