1 Reply Latest reply on Jul 1, 2009 9:04 AM by chris.s.jordan-5HGl9H

    Programmatically checking the certificate revocation list?


      Hi folks,


      This is kind of related to my previous How does one inspect a digital certificate?, but my question now focuses more on how to go about checking the CRL (Certificate Revocation List) via the CRLDP (Certificate Revocation List Distribution Point).


      I've found that i can get the URI for the CRL using the getCRLDistributionPointsExtension() method, but I don't know what to do with that URI. Again, I need to examine the list programmatically. I tried just browsing to the URI that I was given thinking that would just show me perhaps some XML or an on-screen listing of the revoked serial numbers, but instead my browser imported the list. I need to get at that list programmatically.


      Can someone help me to understand how to do that?