Certificate revocation status monitoring¶
TLS Protect Cloud automatically checks the revocation status of non-expired, public (DNS-resolvable) certificates every six hours using Certificate Revocation Lists (CRLs). These checks only apply to leaf and intermediate certificates that are stored in the Certificates inventory.
Important
Root certificates cannot be revoked and are not included in revocation status monitoring.
Manually search a certificate's revocation information¶
You can manually search and review both the current revocation status of a certificate and any revocation requests submitted in TLS Protect Cloud.
- In the menu bar, go to Inventory > Certificates.
- In the Certificates list, click a certificate to view its details.
You can also use filters to locate a specific certificate. - Click Revocation to view revocation-related data.
See Understanding certificate revocation information for details.
Understanding certificate revocation information¶
The Revocation tab in the certificate details view shows data about the certificate’s revocation state. This information appears in the Revocation Information section and may vary depending on the filters you apply. The following table describes the revocation data fields you might see:
| Field | Description |
|---|---|
| Revocation status | The current trust status of the certificate as reported by the issuing CA. Possible values include: • Valid: The certificate is active and trusted by the CA. • Revoked: The certificate has been officially revoked by the CA. • Unavailable: The system could not verify the revocation status. This may be due to issues reaching the CA’s revocation endpoint. Contact the issuing CA to confirm the certificate's validity. |
| Revocation date | The date and time when the certificate was officially revoked by the CA. |
| Revocation reason | The justification selected for revoking the certificate (for example, "Superseded"). |
| Requester | The username and email of the person who submitted the revocation request. |
| Comment | Any comment entered by the requester at submission time. |
| Revocation request status | The current state of the revocation request (for example, "Pending", "Completed"). |
Warning
Submitting a revocation request does not automatically revoke the certificate. The certificate status may remain Valid until the issuing CA completes the revocation process. Check the Revocation status field for confirmation.