DigiCert to Revoke 83,000+ SSL Certificates

Certificate authority (CA) DigiCert has warned that it will be revoking a subset of SSL/TLS certificates within 24 hours due to an oversight with how it verified if a digital certificate is issued to the rightful owner of a domain.

How to check for Certificate Revocation

Certutil Command-Line Tool: Available on Windows, this tool can verify certificates and CRLs

certutil -f -urlfetch -verify mycertificatefile.cer

Sending an OCSP Request: Use a tool like OpenSSL to send an OCSP request to the URL obtained in the previous step:

openssl ocsp -issuer issuer.crt -cert cert.crt -url <OCSP_URL>

External News

DigiCert to Revoke 83,000+ SSL Certificates Due to Domain Validation Oversight

DigiCert to Revoke Thousands of Certificates Following DNS Validation Error

DigiCert to Revoke 83,000+ SSL Certificates

Comments