Find sites that have revoked certificates so you can
make informed decisions about allowed traffic.
A revoked certificate is no longer valid.
It may indicate that there are security issues with a site and that
the certificate is not trustworthy, although there are also benign
reasons why a certificate may be revoked.
Don’t
trust revoked certificates; enable certificate revocation checking
to deny access to sites with revoked certificates.
In
order to drop sessions with revoked certificates and troubleshoot
revoked certificates, you need to enable certificate revocation
checking. If you don’t enable
certificate revocation checking,
the firewall doesn’t check for revoked certificates and you won’t
know if a site has a revoked certificate.