DSS CRL validation

We noticed problem when EE certificate dosn't contain CRL distribution point or OSCP. My assuption was that in case like this DSS will try to use CRL of CA certificate (issuer certificate) from TSL - could someone clarify this situation? We have a problem with this case on production environment - one isuer doesn't put CRL neither OSCP info in EE certificate. Thank you in advance for clarifications.




The content of this field is kept private and will not be shown publicly.