When certificates are no longer valid
Digital certificates can expire or be revoked.
Digital certificates are issued for a fixed period and are not valid after their expiry date.
Certificates can be revoked for various reasons, including:
- The owner has moved to a different organization.
- The private key is no longer secret.
IBM MQ can check whether a certificate is revoked by sending a request to an Online Certificate Status Protocol (OCSP) responder (on UNIX, Linux, and Windows only). Alternatively, it can access a Certificate Revocation List (CRL) on an LDAP server. The OCSP revocation and CRL information is published by a Certificate Authority. For more information, see Working with revoked certificates.
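The two revocation sources described above can be configured on a queue manager with MQSC commands like the following. This is an added example, not taken from the original page. The object names, host names, and ports are constructed placeholders, and the LDAP server is assumed to allow anonymous read access to the CRL entries.

```mqsc
* Added example: all object names, hosts and ports are placeholders.

* OCSP responder (UNIX, Linux, and Windows queue managers only).
DEFINE AUTHINFO(EXAMPLE.OCSP) +
       AUTHTYPE(OCSP) +
       OCSPURL('http://ocsp.example.com:2560') +
       REPLACE

* LDAP server that holds the CRLs published by the Certificate Authority.
* Anonymous bind is assumed, so LDAPUSER and LDAPPWD are not set.
DEFINE AUTHINFO(EXAMPLE.CRL.LDAP) +
       AUTHTYPE(CRLLDAP) +
       CONNAME('ldap.example.com(389)') +
       REPLACE

* Group the revocation sources in a namelist.
DEFINE NAMELIST(EXAMPLE.REVOCATION.NL) +
       NAMES(EXAMPLE.OCSP, EXAMPLE.CRL.LDAP) +
       REPLACE

* Point the queue manager at the namelist used for revocation checks.
ALTER QMGR SSLCRLNL(EXAMPLE.REVOCATION.NL)

* Make running TLS channels pick up the new settings.
REFRESH SECURITY TYPE(SSL)

* Confirm what the queue manager is now using.
DISPLAY QMGR SSLCRLNL
DISPLAY AUTHINFO(EXAMPLE.*) AUTHTYPE OCSPURL CONNAME
```

Run the commands in `runmqsc` against the queue manager. REFRESH SECURITY TYPE(SSL) restarts running TLS channels, so schedule it accordingly.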