← Back to glossary

🧯

Certificate Revocation

Encryption

Certificate Authority (CA) Public Key Infrastructure (PKI) OCSP CRL (Certificate Revocation List)

Marking a certificate as no longer trusted before it expires.

Definition

Certificate revocation invalidates a certificate early if it’s compromised or shouldn’t be trusted.

In plain English Marking a certificate as no longer trusted before it expires.

Why this matters

Why it matters: It limits damage if a key is stolen or a certificate was issued incorrectly.

Example

Example: A CA revokes a certificate after a private key leak.