Hello Developer,

I have used the isRevoked method in the Java library to perform a CRL (Certificate Revocation List) check, but I found that it does not return the expected result as specified by RFC 5280. Could you please let me know if Bouncy Castle or the Java library provides an API that implements the CRL validation algorithm as described in Chapter 6 of RFC 5280?

Thank you.

As far as I'm aware both APIs are compliant with RFC 5280. When you say, "does not return the expected result" can you provide some details? If there's an issue with the BC API we'd certainly like to fix it, but it's impossible to tell what's going on from the current data available.

Hello, developer. The command line shows the result of my verification using OpenSSL, which displays a different range. In PyCharm, I am using the is_certificate_revoked method from the Java standard library for verification, and it does not check the CRL range according to RFC5280.

I really need the certificate chain and the CRL to work out what is going on here.

Hello developer, since the is_revoked function can run without the certificate chain, I'm not sure how to add the certificate chain into the validation process.