...
This article describes how to revoke publish a Certificate Authority (CA) in Smart ID Certificate Manager (CM).This
It may be a requirement that end-user certificates are not published in any directory until the issuing authority receives signed confirmation, from the end-user, that the certificate is in the user's possession. This task is done in Administrator's workbench (AWB).
A CA with an external issuer can be set as revoked with the Externally Revoked Authority command from the Tools menu. This will only change the state of the CA in the database, the actual CRL is issued by the external issuer. However, a CA must be set as revoked to be able to remove its key.
Prerequisites
The following prerequisites apply:
...
Two administration officers must sign the request.
...
Both officers must have the following roles:
Use AWB
CA and Key tasks
...
CA certificate must have been
...
issued.
Publish CA
Excerpt | ||
---|---|---|
| ||
Revocation reasonsThe available revocation reasons depends on the type of CA/SA and the current state of the CA/SA. The following table shows the available reasons and how a reason can be changed. | ||
Current CA state and type | New state or reasons | |
Active CA | All reasons except On Hold | |
Active CA with external key | All reasons including On Hold | |
On Hold CA with external key | Reinstate or all reasons except On Hold | |
Revoked CA, Affiliation Changed, Superseded or Cessation of Operation | Key-, CA- or AA Compromise | |
Revoked CA, CA- or AA Compromise | Key Compromise | |
Revoked CA, Key Compromise | None |
...
Signing completes the task and returns you to the AWB window. |
Additional information
Expand | ||
---|---|---|
| ||