NET程式關閉CRL檢視

憑證如果會進行CRL憑證撤銷清單檢視,而內部網路無法連接外網時

會造成程式延遲15秒左右的時間,要解決不檢查CRL,可做以下設定

如果您的應用程式裝載在 IIS 中,請將它變更下列其中一項︰
C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet.config
C:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\machine.config
C:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\web.config
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\aspnet.config
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\machine.config
C:\Windows\Microsoft.NET\Framework64\v2.0.50727\CONFIG\web.config
C:\Windows\Microsoft.NET\Framework\v3.5\aspnet.config
C:\Windows\Microsoft.NET\Framework\v3.5\CONFIG\machine.config
C:\Windows\Microsoft.NET\Framework\v3.5\CONFIG\web.config
C:\Windows\Microsoft.NET\Framework64\v3.5\aspnet.config
C:\Windows\Microsoft.NET\Framework64\v3.5\CONFIG\machine.config
C:\Windows\Microsoft.NET\Framework64\v3.5\CONFIG\web.config
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet.config
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Config\machine.config
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Config\web.config

搜尋


變更為


Start gpedit.msc -> Local Computer policy -> Computer Configuration -> Administrative Templates -> System -> Internet Communication Management -> Internet Communication Settings -> Turn off automatic root certificate update = Enabled 

And 

Start gpedit.msc -> Local Computer policy -> Computer Configuration -> Windows Settings -> Security Settings -> Public Key Policy -> Certificate Path Validation Path. Select tab “Network Retrieval” and enable the “Define these policy settings”. Deselect “Automatic update root….” And most important set the timeout values to 1.

留言

這個網誌中的熱門文章

IIS 啟用HTTP Strict Transport Security (HSTS)

ASP.NET寄發加密加簽信件

'Microsoft.ACE.OLEDB.12.0' 提供者並未登錄於本機電腦上。 (System.Data)