Revocation Monitoring

Certificate revocation list A Certificate Revocation List (CRL) is a list of digital certificates that have been revoked by the issuing Certificate Authority (CA) before their scheduled expiration date and should no longer be trusted. (CRL A Certificate Revocation List (CRL) is a list of digital certificates that have been revoked by the issuing Certificate Authority (CA) before their scheduled expiration date and should no longer be trusted.) and online certificate status protocol (OCSP) locations are configured in the Revocation Monitoring section of the Management Portal to allow for email notifications when CRLs are near or at expiration, and for display on the Revocation Monitoring dashboard (see Dashboard: Revocation Monitoring). When revocation notifications are sent via email, matching events are written to the Windows event log on the Keyfactor Command server. The alert time-frame is calculated based on the date that the CRL expires, rather than the Next Publish date. This allows for users to define their own alerts and log entries (thus determining their own definition of stale).

Tip: Where to find this in the Management Portal:

Alerts → Revocation Monitoring

CRL monitoring and notification provides information on:

The status of the CRL endpoint An endpoint is a URL that enables the API to gain access to resources on a server.'s responsiveness (e.g., is the file missing or the web site unreachable).
Warning of upcoming expiration for a CRL.
Notification of expired CRLs.

OCSP monitoring and notification provides only information on whether or not the OCSP endpoint is responsive. Expiration is not relevant for OSCP.

Tip: Click the help icon (

) next to the Revocation Monitoring page title to open the Keyfactor Software & Documentation Portal to this section. You will receive a prompt indicating:

You are being redirected to an external website ‘software.keyfactor.com'. Would you like to proceed?

You can also find Help in the Navigator The Navigator is the Keyfactor Command left-hand (newer versions) or top (older versions) navigation menu. Certificate collections and reports can be configured to be added to the menu using user-defined Show in Navigator settings.. From here you can choose to open either the Keyfactor Software & Documentation Portal at the home page or the Keyfactor API Endpoint Utility.

Keyfactor provides two sets of documentation: the On-Premises Documentation Suite and the Managed Services Documentation Suite. Which documentation set is accessed is determined by the Application Settings: On-Prem Documentation setting (see Application Settings: Console Tab).

Was this page helpful? Provide Feedback

Version v25.4

On this page: