1. Home
  2. /
  3. Retrieve Certificate Revocation Lists from EJBCA

Retrieve Certificate Revocation Lists from EJBCA 

Find out how to retrieve Certificate Revocation Lists (CRLs) from EJBCA and what configuration options are available.

hero-sub-2
CRLs-image

Find out if a digital certificate has been revoked

The purpose of Certificate Revocation Lists (CRLs) is to convey the revocation status of digital certificates that are either revoked or on hold. CRLs are periodically issued, time-stamped, and signed data structures by certificate authorities (CA) or CRL issuers. This format is standardized in RFC 5280

CRLs are published according to internal CA policies, with a periodicity ranging from hourly to daily or weekly. The status of a certificate within the CRL is categorized as either revoked, which indicates that it is irreversibly revoked, or hold, which denotes temporary invalidity.

EJBCA also supports another method to convey information about revoked certificates: the Online Certificate Status Protocol (OCSP).  

How to get started

In this tutorial video, you will learn how to obtain CRLs from EJBCA, configure different options, and set up the CRL download location within the CA or Certificate Profile.

Prerequisites:

A running EJBCA instance that is accessible via the CA UI.

Note: In this tutorial, the following version is used: EJBCA CE 8.1 beta

Documentation 

Tutorials/documentation

Documentation

Check out the supplementary EJBCA and CRL documentation.

CRL Generation CRL CA Issuer URI Certificate Store Access via HTTP

Docker Hub

Get your hands on the EJBCA Docker container by downloading it now.

Docker Hub

YouTube

Take a peek at our tutorial video on YouTube, and browse through some of our other videos as well.

YouTube tutorials

Discuss

You can ask your questions and learn from PKI specialists in the EJBCA forum on GitHub Discussions.

Engage with us on GitHub

This website uses cookies

Cookies consist of small text files. They contain data that is stored on your device. To enable us to place certain types of cookies we need to obtain your consent. At PrimeKey Solutions AB, corp. ID no. 556628-3064, we use the following kinds of cookies. To read more about which cookies we use and storage times, click here to access our cookies policy.

Manage your cookie-settings

Necessary cookies

Check to consent to the use of Necessary cookies
Necessary cookies are cookies that must be placed for basic functions to work on the website. Basic functions are, for example, cookies which are needed so that you can use menus on the website and navigate on the site.

Functional cookies

Check to consent to the use of Functional cookies
Functional cookies need to be placed on the website in order for it to perform as you would expect. For example, so that it recognizes which language you prefer, whether or not you are logged in, to keep the website secure, remember login details or to be able to sort products on the website according to your preferences.

Cookies for statistics

Check to consent to the use of Cookies for statistics
For us to measure your interactions with the website, we place cookies in order to keep statistics. These cookies anonymize personal data.

Cookies for ad-tracking

Check to consent to the use of Cookies for ad-tracking
To enable us to offer better service and experience, we place cookies so that we can provide relevant advertising. Another aim of this processing is to enable us to promote products or services, provide customized offers or provide recommendations based on what you have purchased in the past.

Ad measurement user cookies

Check to consent to the use of Ad measurement user cookies
In order to show relevant ads we place cookies to tailor ads for you

Personalized ads cookies

Check to consent to the use of Personalized ads cookies
To show relevant and personal ads we place cookies to provide unique offers that are tailored to your user data
Close