Hi Team,
Wanted to know why port 80 has been used for *.digicert.com and *.digicertcdn. Also, why do we need to open inbound port for *.digicert.com?
Thanks,
Shoaib
Question
Why do we need to open port 80 all inbound/outbound for *.digicert.com
Shoaib,
Our apologies, that was a copy/paste error, but a great catch on your part! The Automox agent does not require any inbound connections and we have corrected the documentation.
With regards to the outbound port 80 question, that is because OSCP uses port 80 as an industry standard. The CRLs are already cryptographically signed, so an interception attack would not be able to manipulate the contents. Wrapping the connection in TLS doesn’t change that fact and DigiCert chooses not to use it for that reason.
Sincerely,
Jason
Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.