0Pricing
Cryptology Academy · Lesson

Certificate Revocation: CRL & OCSP

Understand how compromised certificates are revoked in practice.

Welcome

Certificates expire, but sometimes a private key is compromised before expiry. Revocation mechanisms let CAs announce that a certificate is no longer trustworthy.

Why Revocation Matters

If an attacker steals your TLS private key, they can impersonate your server until the certificate expires. Revocation lets the CA invalidate the certificate immediately.

All lessons in this course

  1. What Is a Certificate? X.509 Structure
  2. Certificate Authorities & Trust Chains
  3. Certificate Revocation: CRL & OCSP
  4. Creating Self-Signed Certs with OpenSSL
← Back to Cryptology Academy