× SSL247 joins forces with Sectigo CA - Find Out More...
Our accreditations and awards:
Cookies
0 items Total $0

Knowledge Base

  

CRL Infrastructure Upgrade on May 6, 2013

Important Service Announcement

Symantec has upgraded their SSL Certificate Revocation List (CRL) infrastructure on May 6, 2013 to provide faster responses and a better experience for customers.

Here's how you'll benefit

Faster response time – CRL requests will be served from the closest location to the user with a dramatically improved average response time.
100+ additional new sites – more sites handling CRL request means improved availability and reliability all over the globe.

What this means to you

It is strongly recommended that any firewall policies and/or access control devices use URLs and not IP addresses. Symantec can change these IP addresses at any time without notification. If possible white list the following entries on your firewall policies and/or access control devices to ensure seamless access to our CRL services.

*.ws.ssl247.com
*.ssl247a.com
*.ssl247b.com

Note:

If white listing wildcard entries is not permitted, you can white list the following specific fully qualified domain names (FQDNs).

If your corporate firewall is configured to allow only a certain set of IP addresses to be accessed from your network, you'll need to take the following actions:

Note: When you are testing the IP’s, please note that not all 128 IP's are 'up' all the time. When testing connectivity with one of the IP’s you may not get a response from the IP. This is by design because those IP's are technically 'out of rotation' and won't be resolved to when a DNS query is made against the CRL service.