PKI Storage Manager - Certificates Verification
In asymmetrical cryptography it is possible to revoke the certificate (signed by Certification Authority); the certificate is revoked and Certification Authority issues a list of revoked certificates that includes information of date of revocation and specified reason of revocation. Everybody who works with certificates signed by Certificate Authority should keep lists of revoked certificates from CA updated and should check all the certificates after relevant CRL import in the local PKI to be sure that it is not revoked. The check in PKI Storage Manager module can be performed by selection of the relevant menu in the main menu (Tools/Check certificates). PKI Storage Manager performs the check of all certificates in the selected storage and the dialog window with result is displayed. Certificate stops to be valid in case that the validity time has expired, the certificate signature is corrupted or the certificate appears on the CRL. The list of revoked certificate is displayed in the mentioned dialog window after the check.
Individual certificates can be then deleted by the user or exported to the file. Certificates can also stay in local storage but it is not recommended. During the certificate check in the storage are checked all certificates against all revoked certificates in the given storage. If the user has more local storages, he should import/copy the list of revoked certificates to these storages also.