A method and system for checking the revocation state of a digital certificate in a virtual environment. The method comprises: 1) create multiple client virtual machines on a host machine, and arrange a certificate revocation list manager in a virtual machine monitor of the host machine; 2) a certificate relying party in each client virtual machine sends a certificate revocation state check service request to the certificate revocation list manager; and 3) the certificate revocation list manager locally queries whether there is a corresponding CRL file according to the certificate revocation state check service request: a) if yes, return the CRL file to the certificate relying parties in the client virtual machines, or queries whether there is a corresponding certificate serial number in the CRL file and then return the query result; and b) if not, download and verify a corresponding CRL file and return the CRL file, or query whether there is a corresponding certificate serial number in the CRL file and then
