HP Open Source Security for OpenVMS Volume 2: HP SSL for OpenVMS > Chapter 3 Using the Certificate Tool

Revoke a Certificate

  Table of Contents


You should revoke a certificate if the certificate has been compromised. The security of a certificate can be compromised if, for example, someone has a copy of the private key, or knows the password to your encrypted key.

A certificate can be revoked by the Certificate Authority that issued the certificate. You can also use the HP SSL Certificate Tool to revoke a certificate, if the certificate was created using the Certificate Tool.

To revoke a certificate using the Certificate Tool, perform the following steps:

  1. From the Main Menu, select Option 7 - Revoke a Certificate.

  2. Enter the filenames of the Certificate Authority (CA) certificate and key.

  3. Enter the filename of the certificate to be revoked.

  4. Enter the PEM passphrase of the CA's key.

The Certificate Tool marks that certificate as being revoked in its database.

After you revoke the certificate, you must create a certificate revocation list (CRL).