What is a Certificate Revocation List (CRL)

A Certificate Revocation List (CRL) is a list of certificates that have been revoked by the Certifying Authority (CA) before their expiration date, i.e. these certificates are no longer valid. There can be many reasons as to why a certificate was revoked, some are given below:

• The private key has been lost or compromised, therefore it can no longer be trusted.
• The previous owner of a domain no longer owns that domain or ceases operations entirely.
• The certificate was discovered to be counterfeit.