X.509 certificate authentication has the following limitations:

• Certificate verification will fail unless the root CA and all intermediate CAs are added as trust anchors and/or intermediates on the Avaya SBC system regardless of whether the client sends the full trust chain.

• Online Certificate Status Protocol (OCSP) checking is currently not supported.

• Certificate Revocation List (CRL) Distribution Point checking is not supported.