I would like to check validity of x509 certificates of my clients. I would like to trust the certificates what big companies trust. For example I would like to trust what Microsoft Edge, Chrome browser or Apple Safari trust. However, I want it to be dynamic. When they give up to trust a certain certificate authority for example, I want to behave the same manner automatically. Is there a known web service that I can use to check my clients certificates validity or the certificate signing chain’s validity (not sure yet it is safe to expose those certificate details publicly) in companies sight? How could I do this?
What I would like to achieve is to implement something like EIDAS certificate check like PSD2 to prevent impersonation. (there is no PSD2 standart in this country, so there is no authority to provide EIDAS)