To help CAs better troubleshoot and prevent problems detected by CRL Watch:
https://sslmate.com/labs/crl_watch/ now includes some troubleshooting tips which explain how to resolve common problems reported by CRL Watch. https://sslmate.com/labs/crl_watch/ now has a form (at the bottom of the page) where you can submit a CRL URL or JSON array of partitioned CRLs for validation. The source code used by CRL Watch to validate CRLs is now available at <https://github.com/SSLMate/crlutil>. It includes a command line tool, checkcrl, that can check a CRL, or a list of partitioned CRLs, in the same way that CRL Watch does. Note that CRL Watch is not a linter - it just does basic sanity checks to make sure a CRL disclosure is correct. The best time to run checkcrl or use the online form is when updating a CCADB disclosure, to confirm that the information you're about to disclose is correct; for checking a CRL at signing time, use a linter. Regards, Andrew -- You received this message because you are subscribed to the Google Groups "CCADB Public" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion visit https://groups.google.com/a/ccadb.org/d/msgid/public/20260119144554.a525acc22d2ffbcc3a53ebcf%40andrewayer.name.
