Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Removed expand boxes and formatted the text.

...

The CC user interface shows a number of certificates with various status as the result of a search.

Image Removed

...

...

Reason codes

Certificates can be published and revoked for various reasons. Each reason code has its own icon, which is used as a graphical indicator in the CC application window. All reason codes in the following table may not appear in your CC. Reason codes will only appear if the configuration has been set accordingly.

Public key certificate icons have a green border while attribute certificates have a blue border.

Reason code

Icon

Description

Key compromise

...

image2019-2-7_10-16-44.pngImage Added

Used in revoking an end-entity certificate. It indicates that it is known or suspected that the subject's private key, or other aspects of the subject validated in the certificate, have been compromised.

Affiliation

...

changed

...

image2019-2-7_10-16-56.pngImage Added

The subject's name or other information in the certificate has been modified. There is no cause to suspect that the private key has been compromised.

Superseded

...

image2019-2-7_10-17-2.pngImage Added

The certificate has been superseded. There is no cause to suspect that the private key has been compromised.

Cessation of

...

operation

...

image2019-2-7_10-17-13.pngImage Added

The certificate is no longer needed for the purpose for which it was issued. There is no cause to suspect that the private key has been compromised.

Privilege

...

withdrawn

...

image2019-2-7_10-17-27.pngImage Added

The certificate (public-key or attribute certificate) was revoked because a privilege contained within that certificate has been withdrawn.

No reason

...

image2019-2-7_10-17-59.pngImage Added

The certificate is revoked without specification of a

...

reason.

Certificate hold

...

image2019-2-7_10-18-9.pngImage Added

The certificate is on hold, that is, temporarily invalid.

...

image2019-2-7_10-18-24.pngImage Added

A certificate without any restrictions, such as revocation or on hold.

...

Revocation of CA certificates can only be performed using the Administration Workbench (AWB) as described in CA administration tasks in Certificate Manager.

...

Handle certificates on hold

Once a certificate hold has been issued, you can handle it in one of the following ways:

  • Let the certificate remain on the Certificate Revocation List (CRL) with no further action, causing users to reject transactions issued during the hold period.

OR

  • Let the certificate be replaced by a (final) revocation for the same certificate, in which case the reason shall be one of the standard reasons for revocation. The revocation date shall be the date when the certificate was placed on hold.

OR

  • Let the certificate be reinstated, that is, explicitly released and the entry removed from the CRL.

...

Additional information

Expand
titleUseful links