OCSP uses HTTPS even when OCSP URL specifies HTTP
Recently we have noticed certificate revocation checking failures with the latest version of Acrobat Reader DC.
In the Department of Defense, the OCSP URLs in the DOD PKI are "http://ocsp.disa.mil". These servers work. But they do not respond on the SSL-enabled port (https). But when we try to verify signatures with Acrobat DC, we get connection failures. Network tracing has revealed that even though the URLs in the certificate specify http, Adobe Reader is trying to connect to the https port, and this gets timeouts.
Environment: MacOS X
Steps to reproduce: Get a certificate that has an OCSP URL that contains "http" and not "https". Try to check the revocation status of it and watch the network connection.
Kostas Mantzavinatos commented
We confirm that we have noticed the same issue in the Hellenic Public Administration Certification Authority.
We found a way to work around this problem. We created a new user account on the Mac and then there Acrobat Reader worked perfectly!
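
To confirm the mismatch described in the original report, this added example (not part of the thread and not Adobe's code) reads the OCSP responder URL from a certificate with `openssl x509 -ocsp_uri` and compares the endpoint it names with a connection seen in a network trace. The function names and the `signer.pem` file name are assumptions; the host comparison is a plain string match, so the trace entry must carry the hostname rather than an IP address.

```shell
#!/bin/sh
# Added example: compare a certificate's OCSP endpoint with a traced connection.

# Print the OCSP responder URL(s) from the certificate's Authority
# Information Access extension (-ocsp_uri is an `openssl x509` option).
cert_ocsp_urls() {
    openssl x509 -in "$1" -noout -ocsp_uri
}

# Turn a responder URL into "scheme host port", filling in the default port
# when the URL gives none. Assumes a hostname or IPv4 host, no userinfo.
ocsp_endpoint() {
    url=$1
    scheme=$(printf '%s' "${url%%://*}" | tr 'A-Z' 'a-z')
    rest=${url#*://}
    hostport=${rest%%/*}
    case $hostport in
        *:*) host=${hostport%%:*}; port=${hostport##*:} ;;
        *)   host=$hostport
             case $scheme in
                 http)  port=80 ;;
                 https) port=443 ;;
                 *)     return 1 ;;
             esac ;;
    esac
    printf '%s %s %s\n' "$scheme" "$host" "$port"
}

# Compare the endpoint a URL names with one connection from a network trace.
# Returns 0 on match, 1 on mismatch, 2 if the URL cannot be interpreted.
check_observed() {
    seen_host=$2; seen_port=$3
    ep=$(ocsp_endpoint "$1") || return 2
    set -- $ep    # now $1=scheme $2=host $3=port
    if [ "$2" = "$seen_host" ] && [ "$3" = "$seen_port" ]; then
        echo "match: $1://$2:$3"
    else
        echo "mismatch: certificate names $1://$2:$3, client used $seen_host:$seen_port"
        return 1
    fi
}

# Constructed trace entry: the URL is the one quoted in the report; port 443
# is the HTTPS port the report says the client tried instead.
check_observed "http://ocsp.disa.mil" ocsp.disa.mil 443 || true
# With a real certificate (signer.pem is a hypothetical file name):
#   for u in $(cert_ocsp_urls signer.pem); do check_observed "$u" HOST PORT; done
```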