fetch-crl
« Back to VersTracker
Description:
Retrieve certificate revocation lists (CRLs)
Type: Formula  |  Latest Version: 3.0.23@0  |  Tracked Since: Dec 17, 2025
Links: Homepage  |  formulae.brew.sh
Category: Security
Tags: security pki cryptography networking certificates
Install: brew install fetch-crl
About:
FetchCRL is a command-line utility designed to automate the retrieval of Certificate Revocation Lists (CRLs) from various sources. It simplifies the process of maintaining up-to-date revocation data, which is essential for validating X.509 certificates in a Public Key Infrastructure (PKI). The tool supports multiple protocols and offers robust error handling, making it a reliable component for secure system administration.
Key Features:
  • Automated downloading of CRLs via HTTP, LDAP, or SFTP
  • Supports multiple CRL formats including DER and PEM
  • Flexible configuration for handling different CA structures
  • Built-in retry mechanisms and error logging
Use Cases:
  • Maintaining an OpenSSL trust store with current revocation lists
  • Automating PKI infrastructure setup for private Certificate Authorities
  • Ensuring compliance with security policies that require certificate validation
Alternatives:
  • OpenSSL – OpenSSL can manually download CRLs but lacks FetchCRL's automation and dedicated configuration management.
  • CURL – CURL is a generic downloader; FetchCRL provides specific logic for parsing and validating CRLs.
License: Apache-2.0
Bottles available for: arm64_tahoe, arm64_sequoia, arm64_sonoma, arm64_ventura, arm64_monterey, arm64_big_sur, sonoma, ventura, monterey, big_sur, arm64_linux, x86_64_linux
Version History
Detected Version Rev Change Commit
Sep 13, 2025 5:57pm 0 VERSION_BUMP aacc83bc
Sep 13, 2024 5:25am 0 VERSION_BUMP 9065ddfd
« Back to VersTracker  |  Browse Packages  |  About