Checking the CRLDP??

Question

Hi again folks,This is kind of related to my previous post about inspecting digital certificates, but my question now focuses more on how to go about checking the CRL (Certificate Revocation List) via the CRLDP (Certificate Revocation List Distribution Point).I've found that i can get the URI for the CRL using the getCRLDistributionPointsExtension() method, but I don't know what to do with that URI. Again, I need to examine the list programmatically. I tried just browsing to the URI that I was given thinking that would just show me perhaps some XML or an on-screen listing of the revoked serial numbers, but instead my browser imported the list. I need to get at that list programmatically.Can someone help me to understand how to do that?Thanks again,Chris

chris_s_jordan-5HGl9H · Answer

Okay, so I think I partially figured this out. If I just do a cfhttp to the address of the .crl URI I get a java.io.ByteArrayOutputStream object in the FileContent portion of the return value. It looks like this might be the CRL in the DER encoded format. I've got a toString() function and a toByteArray() function amongst other things.

So, now I'm wondering if all I need to do is figure out how to decode DER encoded content.

Anyone know how to do that??

Sign up

To post, reply, or follow discussions, please sign in with your Adobe ID.

Sign in to Adobe Community

To post, reply, or follow discussions, please sign in with your Adobe ID.

Scanning file for viruses.

This file cannot be downloaded