The revokeCertificate command uses an implementation class that is passed to communicate with a certificate authority (CA) server to revoke a certificate. Processing this command sends a revocation request to the CA server to mark this certificate as revoked.
Issue the command from the profile_root/bin directory.
The command syntax is as follows:
revokeCertificate.sh -host<caHost> -port<caPort> -username<caUserName> -password<caPassword>
-revocationPassword<revocationPassword> -keystoreAlias<keystoreAlias> -alias<certificateAlias>
-pkiImplClass<customCAClient>[options]
revokeCertificate.bat -host<caHost> -port<caPort> -username<caUserName> -password<caPassword>
-revocationPassword<revocationPassword> -keystoreAlias<keystoreAlias> -alias<certificateAlias>
-pkiImplClass<customCAClient>[options]
revokeCertificate.sh -host<caHost> -port<caPort> -username<caUserName> -password<caPassword>
-revocationPassword<revocationPassword> -keystoreAlias<keystoreAlias> -alias<certificateAlias>
-pkiImplClass<customCAClient>[options]
revokeCertificate -host<caHost> -port<caPort> -username<caUserName> -password<caPassword>
-revocationPassword<revocationPassword> -keystoreAlias<keystoreAlias> -alias<certificateAlias>
-pkiImplClass<customCAClient>[options]
The following options are available for the revokeCertificate command:
The following example performs a revokeCertificate:
revokeCertificate.sh -host localhost -port 1077
-username pkiuser -password webspherepki -alias cert1 -keyStoreAlias ClientDefau
ltKeyStore -revocationPassword webspherepki
CWPKI0403I: Trace is being logged to the following location:
C:\opt\WebSphere\AppClient\logs\caClient.log
CWPKI0461I: Revoking a CA signed certificate.
CWPKI0462I: CA Signed Certificate Revoked [Issued By: O=IBM, C=US, Issued To:
CN=mycn, O=ibm, C=us, Not Before: Thu Feb 22 09:07:53 CST 2007, Not
After: Sat Feb 16 10:09:19 CST 2008] for reason: unspecified
C:\opt\WebSphere\AppClient\bin>revokeCertificate.bat -host localhost -port 1077
-username pkiuser -password webspherepki -alias cert1 -keyStoreAlias ClientDefau
ltKeyStore -revocationPassword webspherepki
CWPKI0403I: Trace is being logged to the following location:
C:\opt\WebSphere\AppClient\logs\caClient.log
CWPKI0461I: Revoking a CA signed certificate.
CWPKI0462I: CA Signed Certificate Revoked [Issued By: O=IBM, C=US, Issued To:
CN=mycn, O=ibm, C=us, Not Before: Thu Feb 22 09:07:53 CST 2007, Not
After: Sat Feb 16 10:09:19 CST 2008] for reason: unspecified
revokeCertificate.sh -host localhost -port 1077
-username pkiuser -password webspherepki -alias cert1 -keyStoreAlias ClientDefau
ltKeyStore -revocationPassword webspherepki
CWPKI0403I: Trace is being logged to the following location:
C:\opt\WebSphere\AppClient\logs\caClient.log
CWPKI0461I: Revoking a CA signed certificate.
CWPKI0462I: CA Signed Certificate Revoked [Issued By: O=IBM, C=US, Issued To:
CN=mycn, O=ibm, C=us, Not Before: Thu Feb 22 09:07:53 CST 2007, Not
After: Sat Feb 16 10:09:19 CST 2008] for reason: unspecified
revokeCertificate -host localhost -port 1077
-username pkiuser -password webspherepki -alias cert1 -keyStoreAlias ClientDefau
ltKeyStore -revocationPassword webspherepki
CWPKI0403I: Trace is being logged to the following location:
C:\opt\WebSphere\AppClient\logs\caClient.log
CWPKI0461I: Revoking a CA signed certificate.
CWPKI0462I: CA Signed Certificate Revoked [Issued By: O=IBM, C=US, Issued To:
CN=mycn, O=ibm, C=us, Not Before: Thu Feb 22 09:07:53 CST 2007, Not
After: Sat Feb 16 10:09:19 CST 2008] for reason: unspecified