CRL (Certificate Revocation List)

The simplest method to check the validity of the user's certificates is regulary download of the certificate revocation lists.

The simplest method is sufficient for such sites where the transactions have relatively low level of importance. As the maximum interval of renewal of the certification lists can be up to 12 hours, it can happen that the certificates of a person have already been revoked but information about it has not yet reached the revocation list used by the system.

A more secure way than using the revocation lists is to verify the validity upon each transaction by using the OCSP service that provides the most updated information about the validity in real time.


If you didn't find an answer to your question, send it to our team.

  • See instructions
  • Please estimate your ability to use the computer, so that we can provide you with the best guidance


  • Verification failed

How can we improve the article and be more helpful?
Send Close