Source
OCSP Configuration
Snowflake uses Online Certificate Status Protocol (OCSP) to provide maximum security to determine whether a certificate is revoked when Snowflake clients attempt to connect to an endpoint through HTTPS.
Replacing OCSP with CRL as the method of certificate revocation checking
OCSP is currently used as a secondary layer of certificate validation (revocation checking), which only happens after the primary (TLS) validation is successful. OCSP checking is enabled by default but entirely optional, and all…
Why does OCSP use Port 80 and not Port 443?
OCSP is an industry standard that is meant to run over Port 80. Snowflake uses Online Certificate Status Protocol (OCSP) to provide maximum security to determine whether a certificate is revoked when Snowflake clients attempt to connect to…
How To: Turn Off OCSP Checking in Snowflake Client Drivers
OCSP checks were originally implemented as an additional step to ensure the endpoints your clients are talking to are secure. A Snowflake client will potentially talk to several endpoints. Each endpoint serves a certificate whose validity…
How to Triage OCSP Related Connectivity Problems
FAQ: Background This document outlines some basic steps customers can take to verify whether there is an OCSP related problem, and to potentially identify its origin.
Connect to Organization based privatelink URI causes OCSP WARNING
Driver is connecting to an HTTPS endpoint without OCSP based Certificate Revocation checking as it could not obtain a valid OCSP Response to use from the CA OCSP responder.
SnowCD fails check for regionless accounts with PrivateLink enabled
CAUSE: This is caused by a limitation in SnowCD versions 1.0.5 and earlier which do not recognize the key OCSP_CACHE_REGIONLESS and attempt to incorrectly test it as a non - OCSP URL.
ODBC configuration and connection parameters
ODBC configuration and connection parameters The Snowflake ODBC driver utilizes both configuration and connection parameters. The methods for setting the parameters are different depending on the environment in which the driver is…
Connecting to Snowflake with the Python Connector
After configuring your driver, you can evaluate and troubleshoot your network connectivity to Snowflake using SnowCD. You can use SnowCD during the initial configuration process and on - demand to evaluate and troubleshoot your network…
Change of Certificate Authority and OCSP Allowlist for AWS Customers
As part of Snowflake’s continued commitment to providing best - in - class transport - layer - security (TLS) we are migrating all endpoints used by connectors, drivers, SQL API clients and all PrivateLink Endpoints to a new load balancing…