chromium / badssl.com

:lock: Memorable site for testing clients against bad SSL configs.
https://badssl.com
Apache License 2.0

revoked.badssl.com no longer triggering revoked error across most browsers after renewal #531

Open greyivy opened 1 month ago

greyivy commented 1 month ago

I tested revoked.badssl.com on major browsers on Windows and macOS and the only browser that's giving me a SEC_ERROR_REVOKED_CERTIFICATE is Firefox on macOS. This was working across other browsers before the certificate was recently renewed.

Does anyone know why this is?

christhompson commented 1 month ago

I'm in the process of migrating the certificate for revoked.badssl.com to Let's Encrypt so that we can include it in our automated certificate renewal process. This means that it will no longer be manually added to Chrome's certificate blocklist (as I had done previously, but proved to be an impediment to keeping the certificate renewed), and instead only be included as a keyCompromise revocation in the CRL from Let's Encrypt. This will have some consequences across different browsers, depending on how they handle CRLs.
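
Added example, not part of the thread or the badssl.com code: a Python sketch of what a client that does consult the issuer's CRL has to do to see a keyCompromise revocation like the one described above. It assumes the third-party `cryptography` package; the function names, the throwaway CA and the serial numbers are constructed for illustration and the CRL is built locally, not fetched from Let's Encrypt.

```python
import datetime
from cryptography import x509
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.x509.oid import NameOID

def build_constructed_crl(revoked_serial):
    """Constructed test data: a throwaway CA signs a CRL listing one serial
    with reason keyCompromise. This is not a real Let's Encrypt CRL."""
    ca_key = ec.generate_private_key(ec.SECP256R1())
    now = datetime.datetime.now(datetime.timezone.utc)
    entry = (
        x509.RevokedCertificateBuilder()
        .serial_number(revoked_serial)
        .revocation_date(now)
        .add_extension(x509.CRLReason(x509.ReasonFlags.key_compromise), critical=False)
        .build()
    )
    name = x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, "Constructed Test CA")])
    crl = (
        x509.CertificateRevocationListBuilder()
        .issuer_name(name)
        .last_update(now)
        .next_update(now + datetime.timedelta(days=7))
        .add_revoked_certificate(entry)
        .sign(ca_key, hashes.SHA256())
    )
    return crl, ca_key.public_key()

def revocation_status(crl, issuer_public_key, serial):
    """Return (status, reason) for a serial; the CRL is trusted only if the
    issuer's key verifies its signature."""
    if not crl.is_signature_valid(issuer_public_key):
        return ("crl-signature-invalid", None)
    entry = crl.get_revoked_certificate_by_serial_number(serial)
    if entry is None:
        # A client that never downloads the CRL behaves as if every serial lands here.
        return ("not-listed", None)
    try:
        reason = entry.extensions.get_extension_for_class(x509.CRLReason).value.reason
    except x509.ExtensionNotFound:
        reason = x509.ReasonFlags.unspecified  # RFC 5280: absent reason means unspecified
    return ("revoked", reason.value)

if __name__ == "__main__":
    crl, ca_pub = build_constructed_crl(0x1234ABCD)  # constructed serial
    print(revocation_status(crl, ca_pub, 0x1234ABCD))
    print(revocation_status(crl, ca_pub, 0x42))
```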