Attribute certificates are signed objects that assert additional properties with respect to some identity certificate (also called base certificate). An attribute certificate has no associated key pair and consequently cannot be used to establish identity.
Attribute certificates can be thought of as extensions to identity certificates, even if the attribute certificate may be signed by a different CA than the base certificate. When the associated attributes are mainly used for the purpose of authorization, an attribute certificate is called authorization certificate.
This article describes how to revoke an attribute certificate (AC) in Smart ID Certificate Manager (CM). This task is done in the Certificate Controller (CC) in Certificate Manager. See also Issue attribute certificate in Certificate Manager.
When revoking certificates you may specify the reason explicitly.
Expand/Collapse All
Prerequisites
Step-by-step instruction
Revoke attribute certificate
- In the CC user interface in Certificate Manager, open the Action drop down list and select a reason.
Select one or more certificates in the upper half of the result pane. (Press the Ctrl key on the keyboard to make multiple selections.) If you want to revoke several certificates in the same request, they will all be given the same reason code.
Click Add to move the certificate(s) to the lower half of the result pane.
Click Submit.
If you have the role 'Revoke attribute certificate with password', the dialog box Enter Revocation Password will appear. Enter the password.
- Enter your PIN code in Signature PIN.
- Click OK.
for overviews of Nexus' solutions, customer cases, news and more. 