Certificate Revocation List (CRL)

A Certificate Revocation List (CRL) is a list of certificate serial numbers that have been revoked, no longer valid and can not be trusted anymore by users.

A CRL will be created periodical. The CRL will be published frequently by a Certificate Authority (CA) which specifies normally only those certificates from this CA. All CRL's often have a short validity period. CRL's can be consulted by applications with build-in PKI functionality. To prevent spoofing or denial-of-service attacks CRL's are often digitally signed by the CA.

An other method to check the status of a certificate is the Online Certificate Status Protocol.


Our SSLCheck will examine your website's root and intermediate certificates for correctness and report any potential issues

point up