NIM doc: Secure traffic examples don’t include certificate revocation checking (CRLs)

**Description**:

The [Secure traffic](https://docs.nginx.com/nginx-instance-manager/system-configuration/secure-traffic/) guide shows how to configure SSL/TLS between NGINX Instance Manager and NGINX instances. While it includes `ssl_verify on;`, it omits certificate revocation checking (such as using Certificate Revocation Lists or OCSP).

This means revoked certificates—due to compromise, mis-issuance, or other reasons—may still be accepted, compromising the security of the setup.

**Impact**:

Users who follow the guide as written may unknowingly accept revoked certificates, creating a false sense of security.

**Customer feedback**

A customer rated the doc a 3/7 because of its failure to mention CRLs.

![Image](https://github.com/user-attachments/assets/2f1c393d-df8c-4a4c-ac6c-b7e246b110a3)

---

**Acceptance criteria**:

- [ ] Add a note that checking for revoked certificates is a recommended best practice.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

NIM doc: Secure traffic examples don’t include certificate revocation checking (CRLs) #594

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Participants

NIM doc: Secure traffic examples don’t include certificate revocation checking (CRLs) #594

Description

Activity

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Participants

Issue actions