Refreshing a CRL or an expired CRL

There are two main reasons to refresh the CRL, or Certificate Revocation List:

  • If the CRL is about to expire, then you must refresh it to change the expiration date. Otherwise, no one, including yourself, can log in to the host server.
  • Sometimes, the Revoked Certificates folder in the Certificate Manager dialog box does not match the actual contents of the CRL. If this happens, then you can replace the CRL with a new one that matches the Revoked Certificates folder.