When Firefox tries to go to a site with a revoked SSL certificate, it displays an error page telling me that the certificate was revoked, but doesn't have any information about why this is. Is there a way I can find out why the server's certificate was revoked? CAs obviously publish the fact that they revoked a certificate, but do they also say why they revoked it, and is there a way for me as a user (and not a browser) to look at that information myself?
Asked
Active
Viewed 1,484 times
2 Answers
1
Address of a site would be of help. No, CAs do not publish any information why certificates are revoked. Most likely they were compromised thus should not be trusted.
ZaB
- 2,449
-
The site I had in mind replaced their certificate between the time I encountered the problem and the time I asked the question. – Paul Kuliniewicz Feb 18 '12 at 20:40
0
There is only one reason a CA would revoke a certificate -- the CA no longer wishes to vouch for the association between the holder of the private key corresponding to the public key in the certificate and the name on the certificate.
David Schwartz
- 61,880