Limited time promo

How do browsers handle revoked SSL/TLS certificates

English en

This article applies only to Backup4all. If you don't have it yet, you must download it first.

Download now Buy licenses
Aug 12, 2021

We strive to keep our articles as accurate as possible. If you notice any inconsistencies or outdated info please let us know.
This article explains the security certificates role and how they are handled by browsers.

On this page:

What is a security certificate?

A security certificate is a data file used to check the identity, authenticity and reliability of a website or Web application as a security technique. It is used as a means to provide the security level of a website to general visitors, Internet service providers (ISPs) and Web servers.
A security certificate is also known as a digital certificate and as a Secure Socket Layer (SSL) certificate.

What is a revoked certificate?

Certificate revocation is the act of invalidating a TLS/SSL before its scheduled expiration date.
A certificate should be revoked immediately when its private key shows signs of being compromised. It should also be revoked when the domain for which it was issued is no longer operational.
Certificates that are revoked are stored on a list by the CA, called the Certificate Revocation List(CRL). When a client attempts to initiate a connection with a server, it checks for problems in the certificate, and part of this check is to ensure that the certificate is not on the CRL. The CRL contains the certificates’ serial number and the revocation time.

How to disable the check for publisher’s certificate revocation

There are cases when the computers are not connected to the internet or the cerificate revocation cannot be verified and there is no way for the browser to verify its certificate validity.
  1. Go to Start menu-> Control Panel
  2. Open Internet Options
  3. Navigate to the tab Advanced
  4. Uncheck the Check for publisher’s certificate revocation under the Security section
  5. Press OK