Delete CRL and OCSP Cache

Delete CRL and OCSP Cache

Clear CRL & OCSP Cache


By default, Windows caches Certificate Revocation Lists (CRL) and CA certificates to quickly verify certificate chains. The downside of this behavior is that the client does not pick up a newer CRL until the locally cached CRL has expired. To delete OCSP and/or CRL cache from your Windows system:

Go to Start Menu > Run
Type cmd and press Enter

Enter the following command and press Enter to execute:
certutil -urlcache * delete

Mac OS X

Note: After clearing the cache, you need to restart your computer for the changes to take effect. 

OS X (through 10.11)

To delete both OCSP and CRL cache, in a terminal, enter the following command:
sudo rm /var/db/crls/*cache.db

That will remove the following files:

  • /var/db/crls/crlcache.db
  • /var/db/crls/ocspcache.db

OS X 10.12 Sierra

To delete both OCSP and CRL cache in OS X 10.12, open a terminal and run the following command:
sqlite3 ~/Library/Keychains/*/ocspcache.sqlite3 'DELETE FROM ocsp;'

Alertas de Sistema de GlobalSign

Ver alertas recientes del sistema.

Ver Alertas

Herramienta de Inventario para Certificados

Escanee sus puntos finales (endpoints) para localizar todos sus Certificados.

Iniciar sesión / Registrarse

Prueba de Configuración para SSL

Verifique la instalación de su certificado para detectar problemas y vulnerabilidades de SSL.