We just visited the test URL https://revoked-isrgrootx1.letsencrypt.org using Safari, Chrome, Opera, and Firefox. Much to our surprise - only Opera and Firefox showed the server’s certificate as revoked. Settings in Keychain Access are correct (“best effort” or “required if cert indicates”). Thoug…

Are revoked certificates detected in Safari and Chrome?

DanCvrcek September 20, 2017, 10:14pm 6

gets a bit better - Chrome correctly shows "Not Secure". However, Safari is still happy. Both browsers behave the same when I changed the preference of CRL/OCSP in Keychain Access.

Topic		Replies	Views
Revoked certs not showing as revoked in browsers	8	4804	January 31, 2021
OCSP stapling doesn't reflect revoked certificate Help	18	1097	July 15, 2023
Revoked cert still valid at crt.sh Help	14	3072	October 9, 2016
ISRG root test pages do not use OCSP stapling Issuance Tech	7	1739	January 21, 2017
OCSP responder reports revoked state for revoked-isrgrootx1.letsencrypt.org but stapled response is good? Issuance Tech	9	1398	May 15, 2019

Are revoked certificates detected in Safari and Chrome?

Related topics