Revoking a CA certificate in SSL

If a certificate authority (CA) certificate is compromised and the servers cannot trust it anymore that CA certificate can be revoked. To revoke a CA certificate, you perform the following task.

Before you begin

You use the administrative console to replace or revoke a CA certificate.

Procedure

  1. Click Security > SSL certificate and key management.
  2. Under Related Items, click Key stores and certificates.
  3. Click a <keystore name> to which you want to add the new CA certificate.
  4. Under Additional Properties, click Personal certificates to list the personal certificates.
  5. Select a certificate to revoke (a CA certificate)
  6. Click the Revoke button.
  7. Fill in the following information to the CA certificate section.
    • Revocation password
    • Revocation reason
  8. Click Apply then OK.

Results

The certificate is revoked in the key store selected in the path. If the certificate selected was not a CA certificate, then an error is returned.

What to do next




In this information ...


IBM Redbooks, demos, education, and more

(Index)

Use IBM Suggests to retrieve related content from ibm.com and beyond, identified for your convenience.

This feature requires Internet access.

Task topic    

Terms of Use | Feedback

Last updated: Oct 20, 2010 11:50:58 PM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=compass&product=was-base-iseries&topic=tsec_7revokecacert
File name: tsec_7revokecacert.html