Nexus' software components have new names:

Nexus PRIME -> Smart ID Identity Manager
Nexus Certificate Manager -> Smart ID Certificate Manager
Nexus Hybrid Access Gateway -> Smart ID Digital Access component
Nexus Personal -> Smart ID clients

Go to Nexus homepage for overviews of Nexus' solutions, customer cases, news and more.

Skip to end of metadata
Go to start of metadata

Attribute certificates are signed objects that assert additional properties with respect to some identity certificate (also called base certificate). An attribute certificate has no associated key pair and consequently cannot be used to establish identity.

Attribute certificates can be thought of as extensions to identity certificates, even if the attribute certificate may be signed by a different CA than the base certificate. When the associated attributes are mainly used for the purpose of authorization, an attribute certificate is called authorization certificate. 

This article describes how to revoke an attribute certificate (AC) in Smart ID Certificate Manager (CM). This task is done in the Certificate Controller (CC) in Certificate Manager. See also Issue attribute certificate in Certificate Manager.

When revoking certificates you may specify the reason explicitly.

Expand/Collapse All



This task requires that:

  • The Certificate Controller (CC) is running.
  • The officer has the following role:
    • Revoke attribute certificate OR
    • Revoke attribute certificate with password

  • Enough information is known to identify the certificate in the database.
  • A search for the certificate(s) have been made as described in Search for certificates in Certificate Manager, and the user certificate(s) to be revoked are all present in the result pane.

Step-by-step instruction

 Revoke attribute certificate
  1. In the CC user interface in Certificate Manager, open the Action drop down list and select a reason.
  2. Select one or more certificates in the upper half of the result pane. (Press the Ctrl key on the keyboard to make multiple selections.) If you want to revoke several certificates in the same request, they will all be given the same reason code.

  3. Click Add to move the certificate(s) to the lower half of the result pane.

  4. Click Submit.

  5. If you have the role 'Revoke attribute certificate with password', the dialog box Enter Revocation Password will appear. Enter the password.

  6. Enter your PIN code in Signature PIN.
  7. Click OK.