For a variety of reasons, such as network or server problems, a CRL might be unavailable when Messaging Server attempts to check a certificate against it. Rather than let the Messaging Server spend its time constantly trying to gain access to the CRL, you can use the crlaccessfail parameter in the smime.conf file to manage how often it attempts to access the CRL, freeing up the Messaging Server for other tasks.
Define the following with crlaccessfail:
How many failed attempts are counted (an error message is written to the Messaging Server log after each failed attempt)
Over what period of time the failed attempts are counted
How long to wait before attempting a new cycle of accessing the CRL
See crlaccessfail in Table 24–3 for the parameter’s syntax and an example.