Controls

How to Check for Revoked Certificates

F5 Labs' David Warburton writes for Venafi, discussing the different methods for checking a certificate's status, and their relative benefits.
December 26, 2018
1 min. read

In my last post, I examined the reasons why certificate revocation is important to enterprise security. Now I’ll walk you through the steps you need to follow to check for revoked certificates.

Certificates are believed to be ‘good’ unless we’re told otherwise, so certificate authorities simply need to maintain lists of ‘bad’ certificates that have been revoked. These lists are then made available so that anyone can query the status of a certificate. For the most part, if the certificate we are checking does not appear on a list, we can assume it’s okay.

Many methods exist for publishing and querying these lists but few of them are widely used. This is largely because the methods are slow, prone to failure or are just plain complicated to understand and implement. So, what are the methods and what problems do they have?

Read the full article published July 31, 2018 here: https://www.venafi.com/blog/how-check-revoked-certificates by Venafi.

Join the Discussion
Authors & Contributors
David Warburton (Author)
Director, F5 Labs

More from Learning Center

What Is Zero Trust Architecture (ZTA)?
What Is Zero Trust Architecture (ZTA)?
article 13 min. read
What Is Access Control?
What Is Access Control?
article 15 min. read
What is Multi-Cloud and How Does It Affect Security?
What is Multi-Cloud and How Does It Affect Security?
article 13 min. read