Revoking certificates

The administrator or the certificate authority (CA) can revoke a certificate. Revocation prevents use of the public key for decryption.

Certificates are issued with a planned lifetime. That lifetime is defined in the Years until expired field when the certificate is created. A certificate is valid until its expiration date. However, circumstances may cause a certificate to become invalid before the expiration date. Under such circumstances, the issuing Certificate Authority (CA) or the administrator should revoke the certificate.

The certificate status is changed to revoked.

Removing revoked certificates

Creating a DPS or an Application Server certificate

Renewing certificates

Removing revoked certificates

To revoke a certificate

1. Click Start > All Programs > Symantec Control Compliance, and select Certificate Management console

2. In the Certificate Management console, provide the Root Certificate Password.

   The Root Certificate password is created during installation.

3. Click OK.

4. In the Certificate Management console, select the certificate.

5. Click Revoke Certificates.

6. In the Warning message box, click Yes.