Revoke client certificates (crl list)

Hi all,  We secure our apps with ssl certificates, which works perfectly fine!! We make a certificate for a limited duration, sometimes just 3 months.  The problem is the following, what if the person, who received the certificate, leaves after 3 days. He still have the certificate, which he can use to access the (part of) application. Is there a way to add a CRL (Certificate Revoking List). With this list I can revoke the certificates which are handed out.  I hope someone knows where I can manage it. Im open for all suggestions.   Thanks in advance   Dennis Bemer
1 answers

The CRL is populated by a certificate authority (CA) Only the CA that issued the certificate has the power to revoke it and place it on the CRL. But does the user not have an account? Would making the account inactive not be the way? Otherwize you would each time need to contact the CA to revoke the certificate.