Does HiveMQ have Certificate Revocation List(CRL) support to block clients with revoked certificates?
For OCSP Stapling, can someone confirm that it is supported only for server certificate validation? Meaning that it is not supported for client certificates? Documentation on OCSP.
Security :: HiveMQ Documentation
Hello @Yashwanth ,
First off, welcome to the HiveMQ Community! We’re always happy to see new users.
As for your questions - at this time, CRLs are not currently supported, though this may change in the future - be sure to keep an eye out for product updates!
For OCSP stapling, the HiveMQ implementation utilizes a broker-to-OCSP methodology, specifically for stapling. For standard, client-driven OCSP, this utilization will be determined by the client library.
Best,
Aaron from the HiveMQ Team