OpenSSL CRL Certificate Revocation List Utilities
Jump to navigation
Jump to search
Certificate Revocation List (CRL) Information
- Extension(s) .crl, .pem
- A Certificate Revocation List (CRL) is a cryptographically-signed list of certificates that a certificate authority has declared to be revoked.
- A CRL file may be encoded in PEM format, DER format, or possibly some other format.
- A PEM-encoded CRL file is plain text, with base64-encoded payload data. It contains a line that reads "-----BEGIN X509 CRL-----".
CRL Commands
- View the contents of a PEM-formatted CRL file.
- # openssl crl -noout -text -in <crlfile-pem>.crl
- View the contents of a DER-formatted CRL file:
- # openssl crl -inform der -noout -text -in <crlfile-der>.crl