How to generate a CRL (certificate revocation list) file

java certificate cer
Felix picture Felix · Apr 22, 2011 · Viewed 9.7k times · Source

I'm using self-signed certificates for testing, how can I generate certificate revocation list to test cert verification? Has keytool in JDK provided such functionalities?

Thanks!

Answer

Alastair picture Alastair · Apr 22, 2011

OpenSSL http://www.openssl.org/

The CA (included) is excellent for testing simple PKIs. Perhaps a little bit daunting at first, but there is plenty of info around.

For CRLs, the out of the box setup should do the trick for you: https://www.openssl.org/docs/manmaster/man1/ca.html#CRL-OPTIONS

All the best.

Related questions

Convert .cer certificate to .jks

I need to convert a .cer file to a .jks file. I saw a few questions about it, but haven't seen a solution to what I need. I don't need it in order to add it to my local certificates, …

Read More
How to import a .cer certificate into a java keystore?

During the development of a Java webservice client I ran into a problem. Authentication for the webservice is using a client certificate, a username and a password. The client certificate I received from the company behind the webservice is in .…

Read More
Trusting all certificates using HttpClient over HTTPS

Recently posted a question regarding the HttpClient over Https (found here). I've made some headway, but I've run into new issues. As with my last problem, I can't seem to find an example anywhere that works for me. Basically, I …

Read More