Home / Information Security / SSL/TLS Revoked Certificates Crawler

SSL/TLS Revoked Certificates Crawler

During my time with the Security Engineering Team at Mozilla, I had to understand the dynamics of revoked certificates. So I built a tool that crawls the internet and pulls revoked certificate information and populates a database. The script is written in Python and it multi-threaded for enhanced performance. The last time I ran the script against Alexa’s top million websites, there were more than 2.5 million revoked certificates. Below is a graph that shows the reasons indicted in those certificates of why they have been revoked.

Revoked Certificates
Reasons why certificates are revoked

The modularity of the tool allows you to do anything with the SSL/TLS certificates once you get them other than checking the revocation information. It is available on github from here.

Check Also

Proposal for Better Revocation Model of SSL/TLS Certificates

Mohammed H. Almeshekah Mozilla Corporation, September 2013    ABSTRACT: There are multiple initiatives that have emerged …

Leave a Reply

Your email address will not be published. Required fields are marked *