Certificate Revocation Lists (CRL) DE

Dealing with CRLs

Only a few programs currently support automatic certificate validation using CRLs. We recommend that you install the latest CRL for each certificate class in your software. Please refer to the user’s guide below for a description of the various installation options.

Download:

Some programs allow users to import CRLs as *.crl files. To download a CRL, proceed as follows:

  1. Place the mouse over the CRL you want to download.
  2. Right-click the mouse..
  3. Select the "Save file" option in the context menu that appears (may vary slightly depending on the browser).
  4. In the next pop-up window select the directory, folder, etc. where you want to save the file to and then click "Save". To import the saved file into specific applications, please see the respective user’s manual.
    .

Installation with Internet Explorer 5:

If you use Microsoft Internet Explorer 5 and above, you can import CRLs directly into your Certificate Manager Wizard. Follow the steps below: 

  1. Save the CRL on your system as described under Download, above.
  2. a) Select the CRL in Windows Explorer and right-click on it. In the pop-up menu, select "Import certificate revocation list".
    b) Alternatively, instead of proceeding as described under point 2a, you can also choose "Internet options" under the "Tools" menu in Internet Explorer 5 and above. Click the "Contents" tab and then select "Certificates" to access the certificate database. Now click on "Import..." to import the desired CRL.
  3. In the "Certificate Manager Import Wizard" pop-up window, click the "Next" button twice as and when prompted and then click the "Finish" button. The imported CRL is now available on Internet Explorer 5x and, if applicable, Outlook Express 5x.

To transfer the imported CRL to Outlook Express 5 or higher, select "Options" from the "Tools" menu in Outlook Express and click on the "Security" tab". Then click on "Advanced Settings" and activate the "Only when online" option under "Revocation Checking".

LDAP retrieval:

Some programs support CRL retrieval from an LDAP directory. In order to retrieve CRLs from the TC TrustCenter LDAP directory, you must first configure the relevant LDAP settings in your software. Please refer to your software user manual to find out how to open the window for LDAP-based CRL retrieval in your program.

The following settings are valid for the Java LDAP browser:


Here are the settings for the LDAP browser software:

Please enter the desired CRL class as the search term in the "Filter" field, for example: TC TrustCenter Class 2 CA.

Top of Page Top of Page