The crlCheckSoftFail option is not respected, allowing transactions even if strict checking is enabled

Description

If the crlCheckSoftFail option is set to false in the node configuration, then communication between nodes should not occur if there is a failure in retrieving the CRL for any of the certificates in the certificate hierarchy. This should block flows from succeeding if they involve more than one party and there are any invalid CRLs anywhere in the hierarchy for either node.

However, this does not currently happen: communication between nodes succeeds if the tlsCertCrlDistPoint configuration item is set to an invalid URL, even if crlCheckSoftFail is set to false. The reason is that the AMQPConfiguration interface provides a default crlCheckSoftFail property that is always true, and this default is not overridden somewhere it should be.

The easiest way to reproduce this is to follow the steps in this test case up to the point where flows are run, with the following additional steps:

  • Update the node.conf in bankA and boc with new tlsCertCrlDistPoint values that point to an invalid URL, before registering these nodes with the network.
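
The interface-default problem described above, reduced to a minimal Kotlin sketch. This is an added example, not Corda's own code: only the names AMQPConfiguration and crlCheckSoftFail come from the report, and NodeSettings, UnwiredAmqpConfig, WiredAmqpConfig, StrictAMQPConfiguration and allowWhenCrlUnavailable are hypothetical stand-ins.

```kotlin
// Simplified stand-in for the interface named in the report. Only the
// crlCheckSoftFail property is taken from the page.
interface AMQPConfiguration {
    val crlCheckSoftFail: Boolean
        get() = true // permissive default: soft-fail unless an implementation overrides it
}

// Hypothetical holder for the value the operator wrote in node.conf.
data class NodeSettings(val crlCheckSoftFail: Boolean)

// Buggy wiring: the node's value is available but never passed through,
// so the interface default silently wins. This compiles without warnings.
class UnwiredAmqpConfig(val node: NodeSettings) : AMQPConfiguration

// Corrected wiring: the property is overridden from the node configuration.
class WiredAmqpConfig(node: NodeSettings) : AMQPConfiguration {
    override val crlCheckSoftFail: Boolean = node.crlCheckSoftFail
}

// Fail-closed alternative: with no default, an implementation that forgets
// to supply the value does not compile.
interface StrictAMQPConfiguration {
    val crlCheckSoftFail: Boolean
}

// Hypothetical decision point: may a connection proceed when the CRL for a
// certificate in the chain could not be retrieved?
fun allowWhenCrlUnavailable(config: AMQPConfiguration): Boolean =
    config.crlCheckSoftFail

fun main() {
    // The operator asked for strict checking.
    val strict = NodeSettings(crlCheckSoftFail = false)

    // Unwired: the strict setting is ignored and the connection is allowed.
    check(allowWhenCrlUnavailable(UnwiredAmqpConfig(strict))) {
        "expected the interface default to mask the strict setting"
    }
    // Wired: the strict setting reaches the decision point and blocks it.
    check(!allowWhenCrlUnavailable(WiredAmqpConfig(strict))) {
        "expected strict checking to reject an unavailable CRL"
    }
    println("default masks strict setting unless the property is overridden")
}
```

A regression test of the same shape, asserting that a false value in node configuration reaches every AMQPConfiguration implementation, catches this class of bug before release.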

Assignee

James Higgs

Reporter

James Higgs

Labels

None

Priority

High

CVSS Vector

None

Severity

High
