FAQ: Digital Certificate Revocation - SSL.com
Unable to get certificate CRL – KerioConnect Support Overview. While renewing the SSL certificate, the new certificate is being marked as Untrusted with Unable to get certificate CRL warning. The Kerio Connect Configuration -> SSL certificates UI is showing Invalid certificate yellow mark.. The invalid certificate warning does not generate any entry in the logs and the issuers (Certification Authorities) for old and new certificates are the same. cryptography - SSL Certificate revocation check CRL (certificate revocation list); OCSP (Online Certificate Status Protocol) (and the alternative OCSP stapling method). Neither of these is SSL specific, and they do just that: check the status of a certificate. So they both apply to anything that uses certificates. Download Roots/CRL - US - Digicert + QuoVadis US
OpenSSL: Manually verify a certificate against a CRL
Apr 03, 2020 How Do Browsers Handle Revoked SSL/TLS Certificates? - SSL.com Introduction. Checking the revocation status of SSL/TLS certificates presented by HTTPS websites is an ongoing problem in web security. Unless a server is configured to use OCSP Stapling, online revocation checking by web browsers is both slow and privacy-compromising.Because online OCSP queries fail so often and are impossible in some situations (such as with captive portals), browsers ComodoCA Official Site | Comodo SSL Certificates Official Site
I was using an SSL certificate (from StartSSL, but I don't think that matters much) and hadn't set up the intermediate certificate properly. If you're having the same problem as user1270392 above, it's probably a good idea to test your SSL cert and fix any issues with it before resorting to the curl -k fix.
What Is a Certificate Revocation List (CRL)? - KeyCDN Support Oct 04, 2018 Test OCSP & CRL Access - Certificate Utility | DigiCert.com After the Certificate Authority (CA) revokes an SSL Certificate, the CA takes the serial number of the certificate and adds it to their certificate revocation list (CRL). The URL to the Certificate Authority’s certificate revocation list is contained in each SSL Certificate in the CRL Distribution Points field. Let's Encrypt - Free SSL/TLS Certificates Let's Encrypt is a free, automated, and open certificate authority brought to you by the nonprofit Internet Security Research Group (ISRG).. 1 Letterman Drive, Suite D4700, San Francisco, CA 94129, USA The impact of SSL certificate revocation on web