Questions tagged [revoked]
12 questions
17
votes
2 answers
Does reissuing an SSL certificate invalidate the previously-issued certificate?
I used the "reissue certificate" functionality at a SSL certificate vendor (RapidSSL, FWIW) to get a new certificate - in doing so, I created and used a new private key and pass phrase.
Will the re-issuance of this certificate cause the…
Cooper
- 271
- 1
- 2
- 4
13
votes
4 answers
Example of live site with trusted, signed but revoked certificate?
I'm drawing up some documentation for users with the intent on educating them on certificate revocation. I would like to include screen shots of browsers to demonstrate the user experience when encountering a revoked cert. The revocation can occur…
flumignan
- 347
- 2
- 9
4
votes
1 answer
What happens when a public-CA "code signing" certificate is revoked?
Specifically:
Once the certificate is added to the public-CA CRL, how will Windows handle executables signed with that certificate?
Leor
- 93
- 5
2
votes
2 answers
Unrevoke a certificate which was revoked with a status different from Certificate Hold
Is there a way to unrevoke a revoked certificate, which was revoked with the “Superseded” reason code?
I'm using the Certification Authority provided with Windows Server 2008 SP2.
Ondrej Tucny
- 404
- 1
- 7
- 25
1
vote
0 answers
How does certutil determine that a cert is revoked
I'm testing that an x509 certificate can be correctly determined to be revoked. I'm taking the cert from https://revoked.badssl.com and verifying it via certutil. When my system is online, it seems to pull the CRL and determine that it is revoked. I…
Stealth Rabbi
- 111
- 4
1
vote
1 answer
Why does SQLclient still allow encrypted connection with revoked cert?
We are implementing SQL 2014 encrypted connections in the near future. I want to do my due diligence and confirm the cert validation process. I also want to use the trustservercertificate=false option. I want all connections to actually use cert…
MattRDude
- 11
- 3
1
vote
0 answers
Revoking client certificate two way authentication
can we revoke a client certificate by serial (we are using mutual authentication)?
we tried revoking a certificate using the certificate file but the revocation date is not set to the current date . it is set after 3 hours or so. can anybody…
Steve
- 255
- 2
- 11
1
vote
1 answer
OpenVPN client self-sign cert, revoke on elsewhere?
I've got myself into a pretty messy situation:
I generated a clients self-signed certificate on server A, with server A being the CA.
I then copied the self-signed certificate (.crt, .key) to server B, which is also a CA by itself.
I started using…
tw79
- 31
- 1
- 4
1
vote
2 answers
Is OpenVPN revoke (CLR blacklist) computation effective? How much keys can I safely revoke?
We are building a system where we will have to black-list OpenVPN keys quite a lot. Hence the question: is OpenVPN algorithm for blacklisting keys computation effective? How much keys can I safely revoke before OpenVPN requires too much resources…
user46747
1
vote
1 answer
OpenSSL invalid revocation date / update CRL?
I have an index.txt file where I changed the value of a certificate - whose certificate file I do not have - from V to R to revoke it.
The index.txt looks as follows exemplarily:
V 220303095424Z 123456 unknown /bla
R 220303104529Z …
Ferit
- 111
- 3
0
votes
1 answer
Apache 2.2.14: SSLCARevocation location
I am installing a .crl in my apache config. It looks like this:
VirtualHost default
DocumentRoot "web"
ServerName example.com
SSLEngine on
SSLCertificateFile "cert.crt"
SSLCertificateKeyFile "key.key"
SSLCertificateChainFile…
Doc
0
votes
4 answers
FireFox detects Revoked Certificate, IE does not
Our exchange web access is secured by an SSL certificate. When I try to visit the web access in FireFox (v2 and v3.5), I get:
Secure Connection Failed
An error occurred during a connection to www.example.net.au.
Peer's Certificate has been…
Mark Henderson
- 68,316
- 31
- 175
- 255