Skip to main content

Certificate Revocation and Renewal

  • Chapter
  • First Online:
Pro Active Directory Certificate Services
  • 1005 Accesses

Abstract

Like credit cards, digital certificates have a limited validity period. Most credit cards have only an expiration date (end of validity period), while digital certificates also have a start of validity period. The CA determines the start and end of the validity period when they issue a digital certificate, and those are included in the X.509 structure. These are covered by the certificate digital signature so they cannot be changed without detection. An expired digital certificate should normally not be used, except in certain specific situations (such as reading an old encrypted email). It is up to every relying application to check the validity dates against a trusted time source every time a certificate is used. As with credit cards, sometime you need to “expire” a certificate before the official expiration date. This is accomplished via “certificate revocation checking”. Any expired or revoked certificate can normally be renewed with a later validity period.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Subscribe and save

Springer+
from €37.37 /Month
  • Starting from 10 chapters or articles per month
  • Access and download chapters and articles from more than 300k books and 2,500 journals
  • Cancel anytime
View plans

Buy Now

eBook
EUR 17.99
Price includes VAT (Netherlands)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
EUR 59.94
Price includes VAT (Netherlands)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

Author information

Authors and Affiliations

Authors

Rights and permissions

Reprints and permissions

Copyright information

© 2022 The Author(s), under exclusive license to APress Media, LLC, part of Springer Nature

About this chapter

Check for updates. Verify currency and authenticity via CrossMark

Cite this chapter

Hughes, L.E. (2022). Certificate Revocation and Renewal. In: Pro Active Directory Certificate Services. Apress, Berkeley, CA. https://doi.org/10.1007/978-1-4842-7486-6_7

Download citation

Publish with us

Policies and ethics