[Ejbca-develop] CRL Certificate checl status

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Morning Tomas,

Analyze the following case:

I created this certificate chain: Root>CA>SubCA>EndEntity1Certificate. All
of them was imported to the browser.

I signed a PDF using SignServer. In the document, we can verify the
signature and the Certificate Issuer. Here, is all OK.

Now, for a test case.

I revoked the certificate EndEntity1Certificate, generate the CRL by
AdminGUI and imported to the browser. When I verify the certificate by
"Check Certificate Status" on the Miscellaneous menu, the status of it is
REVOKED, but when I access the "List User's Certificates" and in the same
certificate access "Check if Certificate is Revoked", the status is "Not
Revoked". Is it right?

And after I sign another document with the certificate revoked, when I check
the document, the status is "The Signature is Valid". There is some trick to
use CRL?

Regards

-----
Nenhum virus encontrado nessa mensagem.
Verificado por AVG - www.avgbrasil.com.br
Versao: 2013.0.2890 / Banco de dados de virus: 2639/6038 - Data de
Lancamento: 01/16/13