AnsweredAssumed Answered

Possible bug in reporting revoked certificates

Question asked by Jon Warbrick on Sep 29, 2016
Latest reply on Nov 11, 2016 by Bhushan Lokhande

Earlier in the week, our normal CA had a problem with its CRL/OCSP infrastructure. One of the effects was that some recently issued certificates were reported as revoked by some of the relevant OCSP servers.

 

While this was happening, the SSL Labs server test correctly reported the certificate as untrusted, but showed both the leaf certificate and it's intermediate as revoked. Tests on servers with older certificates using exactly the same certificate chain and intermediate showed no problems. I suspect that the fact that the intermediate was reported as revoked when testing the problematic certificate may be a bug in the test suite.

 

FYI

 

Jon Warbrick

Outcomes