Revoking a CA certificate in SSL

If a certificate authority (CA) certificate is compromised and the servers cannot trust it anymore that CA certificate can be revoked. To revoke a CA certificate, you perform the following task.

Before you begin

You use the administrative console to replace or revoke a CA certificate.

Procedure

  1. Click Security > SSL certificate and key management.
  2. Under Related Items, click Key stores and certificates.
  3. Click a <keystore name> to which you want to add the new CA certificate.
  4. Under Additional Properties, click Personal certificates to list the personal certificates.
  5. Select a certificate to revoke (a CA certificate)
  6. Click the Revoke button.
  7. Fill in the following information to the CA certificate section.
    • Revocation password
    • Revocation reason
  8. Click Apply then OK.

Results

The certificate is revoked in the key store selected in the path. If the certificate selected was not a CA certificate, then an error is returned.

What to do next


指出主題類型的圖示 作業主題



時間戳記圖示 前次更新: July 9, 2016 11:16
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=cord&product=was-nd-mp&topic=tsec_7revokecacert
檔名:tsec_7revokecacert.html