Letsencrypt/警告/ssl.comについて、ここに記述してください。 https://twitter.com/beyondDNS/status/1488761403657768960?s=20&t=iBgTon7X_y7tlkwufHK-IQ https://www.ssl.com/article/page-load-optimization-ocsp-stapling/ https://www.ssl.com/blogs/how-do-browsers-handle-revoked-ssl-tls-certificates/ {{{ Mozilla Firefox Apple Safari Microsoft Edge Variation Between Browsers }}} Conclusion The results appear to indicate that revocation is still a problematic issue for desktop web browsers (mobile devices represent a whole different world, but that’s a topic for another article). ---- Google Chrome Chrome relies on CRLSets for revocation checking. A CRLSet is simply a list of revoked certificates which is pushed to the browser as a software update. According to the Chromium Projects website, the processes by which Google generates CRLSets are proprietary, but also that CRLSets… are primarily a means by which Chrome can quickly block certificates in emergency situations. As a secondary function they can also contain some number of non-emergency revocations. These latter revocations are obtained by crawling CRLs published by CAs. == CRLSets == https://dev.chromium.org/Home/chromium-security/crlsets