...
Setting the CertificateRevocationVerifier parameter at the transport listener allows you to verify client certificates when a client tries to make an HTTPS connection with the ESB Profile of WSO2 EI. Following is a sample transport listener configuration that you can add in the axis2.xml file to enable certificate revocation verification:
...
Setting the CertificateRevocationVerifier parameter at the transport sender allows you to verify server certificates when the ESB Profile of WSO2 EI tries to make an HTTPS connection with a backend server. Following is a sample transport sender configuration that you can add in the axis2.xml file to enable certificate revocation verification:
...
When the CertificateRevocationVerifier parameter is set to true, the ESB Profile of WSO2 EI attempts to use the Online Certificate Status Protocol (OCSP) to verify with the certificate authority at the handshake phase of the SSL protocol. If the OCSP is not supported by the certificate authority, the ESB Profile of WSO2 EI uses Certified Revocation Lists (CRL) instead. The verification process checks all the certificates in a certificate chain.
...