Arm Mbed OS support forum

Certificate being revoked after valid and passed verification for awhile

Hi,

I have the issue of certificate being revoked, not sure the reason. The certificates have not expired, and here the code
The certificates are passed the verification for a while, then suddenly failed the verification with the REVOKED error.

Do you see this situation before? And how that happens?

Sincerely,
Ben N

int VerifyCertWithCaCertificate (mbedtls_x509_crt *clicert,
mbedtls_x509_crt *cacert,
mbedtls_x509_crl *crl)
{
int ret = 0;
uint32_t flags;

// Verify certificate validity with CA certificate
LogMessage ("  . Verify the client certificate with CA certificate...");

ret = mbedtls_x509_crt_verify (clicert, cacert, crl, NULL, &flags, NULL, NULL);
if (ret != 0)
{
    if (ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED)
    {
        if (0 != (flags & MBEDTLS_X509_BADCERT_CN_MISMATCH))  LogMessage (" CN_MISMATCH "); }
        if (0 != (flags & MBEDTLS_X509_BADCERT_EXPIRED)) { LogMessage (" EXPIRED "); }
        if (0 != (flags & MBEDTLS_X509_BADCERT_REVOKED)) {LogMessage (" REVOKED "); }
        if (0 != (flags & MBEDTLS_X509_BADCERT_NOT_TRUSTED)) { LogMessage (" NOT_TRUSTED "); }
        if (0 != (flags & MBEDTLS_X509_BADCERT_FUTURE)) { LogMessage (" SYSTEM_TIME_INFUTURE "); }
        if (0 != (flags & MBEDTLS_X509_BADCRL_NOT_TRUSTED)) { LogMessage (" CRL_NOT_TRUSTED "); }
        if (0 != (flags & MBEDTLS_X509_BADCRL_EXPIRED)) { LogMessage (" CRL_EXPIRED "); }            
    }
    else
    {
        LogMessageArg(" failed\n  !  to verify certificate with CA : ", ret);
        return ret;
    }
}

LogMessage(" ok");

return ret;

}