The revokeCertificate command uses an implementation class that is passed to communicate with a certificate authority (CA) server to revoke a certificate. Processing this command sends a revocation request to the CA server to mark this certificate as revoked.
Issue the command from the profile_root/bin directory.
The command syntax is as follows:
revokeCertificate.sh -host<caHost> -port<caPort> -username<caUserName> -password<caPassword> -revocationPassword<revocationPassword> -keystoreAlias<keystoreAlias> -alias<certificateAlias> -pkiImplClass<customCAClient>[options]
The following options are available for the revokeCertificate command:
The following example performs a revokeCertificate:
revokeCertificate.sh -host localhost -port 1077 -username pkiuser -password webspherepki -alias cert1 -keyStoreAlias ClientDefau ltKeyStore -revocationPassword webspherepki CWPKI0403I: Trace is being logged to the following location: C:\opt\WebSphere\AppClient\logs\caClient.log CWPKI0461I: Revoking a CA signed certificate. CWPKI0462I: CA Signed Certificate Revoked [Issued By: O=IBM, C=US, Issued To: CN=mycn, O=ibm, C=us, Not Before: Thu Feb 22 09:07:53 CST 2007, Not After: Sat Feb 16 10:09:19 CST 2008] for reason: unspecified