Revoking a certificate

You can revoke a certificate from the certificate inventory or the certificate details page.

BEST PRACTICE  It's a good idea to revoke certain certificates to prevent security breaches. For example, if an employee transfers to another department or leaves the company and has access to private key information for certain certificates, you should revoke those certificates and replace them.

To revoke a certificate

  1. From the certificate list for the user you searched for, find the certificate you want to revoke.
  2. Do one of the following:
    • From the certificate inventory, click Revoke on the action button.
    • From the certificate details page, click Actions > Revoke.
  3. From the Reason for Revocation list, select a reason.
  4. Click Revoke. This action cannot be undone.

NOTE  Revoking a certificate makes it invalid. The Certificate Authority is notified of this action.

Resolving problems for revocations that resulted in a processing error

Revocations can fail for a number of reasons. The most common are:

  • The revocation request was rejected by an approver.
  • The credentials to authenticate to the Certificate Authority were wrong.
  • Trust Protection Platform did not have the appropriate CA template configured for the CA that the certificate was issued from.

Review the error message to find out why the revocation failed.

When a revocation fails, you have two choices:

  • Cancel. Canceling a revocation means that even though it failed, you do not intend to retry revocation and you simply wish to clear the processing error from Trust Protection Platform. For example, you would do this in situations where the approver has rejected your request to revoke the certificate and you don't expect to receive approval on subsequent requests.
  • Retry. Retrying clears the error and attempts the revocation again. Do this only after you have resolved the problem that caused the error in the first place. For example, if the revocation failed because the Certificate Authority credentials expired, you will need to ask your administrator to update the credentials before you attempt revocation again. If it failed because an approver rejected it, you will need to review the rejection reasons and retry after the approver's requirements have been met.
