Control Certification Revocation Check Failure Tolerance
Key Location: HKLM\SOFTWARE\Veeam\Veeam Backup and Replication\
Value Name: SyslogCRLCheckMode
Value Type: DWORD (32-Bit) Value
Value Data: 2
This key controls the verification logic of the TLS certificates from Syslog receivers when using the TLS option for Syslog. The key was added for environments where the Veeam Backup Server cannot access the internet and cannot make a check against a CRL (certificate revocation list) to determine if the certificate that the syslog server presents was revoked or not.
- 0 - Treat any CRL error as a connection failure.
- 1 - Ignore the 'OfflineRevocation' flag. This flag is raised if the certificate has been checked using cached CRL because the primary CRL is offline.
- 2 - Ignore both the 'OfflineRevocation' flag and the 'RevocationStatusUnknown' flag. This flag is raised if the CRL server is unreachable. (Default)
- 3 - Skip checking CRL altogether.
PowerShell command to create this registry value:
Change the value in the command before executing.