Revoke historical certificates

A previous version of a certificate may still be a valid certificate, and you may decide you want to revoke it in the system. You can only revoke a certificate if the following is true:

  • You have the Revoke permission to the certificate.
  • The certificate is not "In Error."
  • Another historical certificate or the current certificate is not being revoked.
  • The certificate is not renewing, or installing/provisioning.
  • The management type is assigned.
  • The certificate is not listed as "Lost."
  • The certificate is not self-signed.
  • The certificate is not revoked.

Revoke a historical certificate

To revoke a previous version of a certificate:

  1. Open the certificate details page, and open Previous Versions.
  2. Locate the version you want to revoke, and click Revoke.
  3. In the Revoke window, click the Reason for Revocation list, and select the reason you are revoking this certificate.
  4. [Optional] Provide a comment with additional information about the revocation reason.
  5. Click Revoke.

Approve or reject a historical certificate revocation

If there is a workflow attached to the historical certificate revocation, an approver will need to authorize the action before it is actually revoked. The authorized approver will:

  1. Open the All Certificates (dashboard), and click on the Pending My Approvals widget.
  2. In the list of certificates requiring approval, use the Approve/Reject quick action.
  3. Provide a comment on why you are approving or rejecting the certificate.
  4. Click either Reject or Approve.

TIP  You can also open the certificate's details page, and open Previous Versions, where you will see the Approve/Reject quick action button next to the historical certificate that is pending revocation.