Stack Overflow
Stack Overflow

Questions tagged [certificate-revocation]

Certification Revocation is a process through which we make sure that certificates that are no longer valid are not used by the relying clients

137 questions
2
votes
2 answers

How can we do our own Certificate Verification Step in HTTPS

I need to put my own certificate verification step in SSL Handshake when making an HTTPS connection with HttpsURLConnection. I have written my own certificate verification code to verify some property in the host certificates say Certificate…
Jeewantha
  • 965
  • 1
  • 11
  • 28
2
votes
1 answer

ClassNotFoundException from applet on Java 1.7u25 when certificate revocation check is enabled; working fine on 1.6

I'm using html & jnlp to deploy the applet. The applet is signed by externally generated certificate because it needs all-permissions. It works fine on Java 1.6. On Java 1.7 it throws ClassNotFoundException being unable to find applet's main…
Woland
  • 111
  • 1
  • 2
  • 9
2
votes
1 answer

Any Issue With Revoking Certificate Regularly

Is there any issue, if I revoke my development certificate regularly (10 times / month) ? Let consider I'm developing 3 application using different systems with 1 development certificate and 3 provisioning profiles. Regularly I'm adding new devices…
Shamsudheen TK
  • 30,739
  • 9
  • 69
  • 102
2
votes
2 answers

ADCS Online Responder (OCSP) doesn't real-time

I installed the AD, AD CS and OCSP on the same machine in my lab and configured. I then use C# to have a OCSP client so that it can send the revocation check request and parse the response for a particular certificate installed on local machine. The…
Shaun Xu
  • 4,476
  • 2
  • 27
  • 41
1
vote
2 answers

submitting ios app using the private key of a revoked distribution certificate

I have a distribution certificate that is still valid on my mac. the team agent revoked it in the ios portal by mistake. Am I still able to use the old certificate to submit apps to the app store? or should I get a new private key and provision…
YNK
  • 869
  • 6
  • 12
1
vote
0 answers

Solved - SSL certificate validation fails with 'The revocation function was unable to check revocation because the revocation server was offline."

I have a very specific issue with my application. Currently, I host the .net core web service on the IIS on the machine installed in the domain. We use Windows Server 2019. The application connects to the service from our domain but the connection…
aarn94
  • 11
  • 1
  • 3
1
vote
0 answers

How can openssl s_client be used to check if a TLS server presents a revoked certificate?

I'd like to see openssl s_client print or show an error if a server presents a revoked certificate. Servers I've tested against include: revoked.badssl.com -- Though this one is currently broken with an expired…
notatypewriter
  • 11
  • 1
1
vote
0 answers

Adding PDF revocation information as an signed attribute pdfRevocationInfoArchival OID 1.2.840.113583.1.1.8 is not working

I am working on an application which will do digital signatures on PDF. Every thing is working fine till we are putting the pdfRevocationInfoArchival(1.2.840.113583.1.1.8) attribute in CMSSignedData(PKCS#7) as signed attribute. After putting the…
Rohit Kumar Singh
  • 11
  • 2
1
vote
0 answers

How to disable certificate revocation list (CRL) caching on IIS 10.0?

Background Hello, community! I am trying to disable CRL caching on IIS 10.0 in order to be able to fetch updated version of CRL each time I make a request to my website. It is required for development purposes: I revoke or un-revoke client…
Kyrylo Antoshyn
  • 13
  • 4
1
vote
2 answers

Downloading solana dev tools error: "curl: (35) schannel: next InitializeSecurityContext failed: Unknown error (0x80092012)"

I am unable to install solana dev tools on windows. I’m running in the command prompt as administrator: “curl https://release.solana.com/v1.10.5/solana-install-init-x86_64-pc-windows-msvc.exe --output C:\solana-install-tmp\solana-install-init.exe…
dawka
  • 11
  • 3
1
vote
1 answer

Mosquitto blocks all connections when using CRL file

I am hosting an MQTT broker on a linux server. So far none of the MQTT clients has any problem connecting (sub/pub) until I added the "crlfile" line in the Mosquitto configuration file. When I have the "crlfile" set in the configuration file, none…
Zharfan Zahisham
  • 143
  • 1
  • 9
1
vote
1 answer

MIMEKIT MultipartSigned.Verify How can I disable Certificate Revocation list ceck?

is there anyway to disable the Certificate revocation list check when using MimeKit.Cryptography.MultipartSigned.Verify ? The Party transmitting to me cannot seem to get their CRL distribution point correct and I would like to simply disable the…
The Great Howdo
  • 13
  • 2
1
vote
1 answer

Add CRL number extension to CRL using OpenSSL

For some client testing I need to generate certificates and revocation lists "on the fly". I am able to setup a revocation list with the CRL number extension using OpenSSL console commands and configuration files. However I can't make this work in…
seesharp
  • 47
  • 11
1
vote
1 answer

How to Serialize Python Cryptography CRL Object into PEM

I use python cryptography package to create a CRL object. But I need to convert this object into PEM format. In their documentation they don't seem to have an opposite of deserialization operation x509.load_pem_x509_crl. At the end of the codes…
Lenny
  • 13
  • 3
1
vote
0 answers

How to increase CRL Caching timeout in JSSE?

I want to check for the certificate revocation with the help of CRL. I am using CertPathValidator to validate the certificates. JSSE internally use URICertStore to fetch the CRL and caches it for 30 seconds. Is there any way to increase this timeout…
Ravindra12jan
  • 331
  • 2
  • 13
1 2 3
9 10