27
2
Do any web browsers cache SSL server certificates? For example, if I change the SSL certificate on a web server, will all of the web browsers pick up the new certificate when they connect via SSL, or is it possible that they could have a stale certificate?
I'm thinking of the scenario when an SSL certificate expires and is replaced by a new one on the web server.
1As of 2019 my Chrome 75 is caching SSL certificates – Fabian Thommen – 2019-06-14T10:26:06.920
TLS 1.2 introduced session tickets. This mechanism effectively "caches" the certificate, by not needing to transfer it at all. More info at https://blog.filippo.io/we-need-to-talk-about-session-tickets/
– Jari Turkia – 2020-02-20T20:49:33.720I would assume the browser checks the date on the cert to see if it needs to get a newer one, like it does for everything else but am not sure. – soandos – 2012-02-16T14:23:01.760
Have a look here http://www.imperialviolet.org/2011/05/04/pinning.html about "certificate pinning" and at the HSTS initiative whis is related to the former http://dev.chromium.org/sts
– Shadok – 2012-12-14T15:58:25.637