Skip to main content
Skip table of contents

Revoke certificate in Certificate Manager

This article describes how to revoke a certificate that is produced by Smart ID Certificate Manager (CM). The certificate can be a public key certificate (PKC) or an attribute certificate (AC). This task is done in the Certificate Controller (CC) in Certificate Manager (CC).

The article explains the handling of PKCs but it applies to ACs as well, with the only difference that the role 'Revoke attribute certificate' corresponds to the role 'Revoke certificate' and the role 'Revoke attribute certificate with password' corresponds to the role 'Revoke certificate with password'.

Use revocation roles to obtain different levels of security when performing revocation tasks. This table shows the security levels:

Security level

Roles Type of revocation
HighRevoke certificate with passwordPassword required
MediumRevoke certificate with password and
Revoke certificate
Manual verification or password required
LowRevoke certificateUnconditional

Although putting a certificate on hold is similar to a revocation it is described separately in Put certificate on hold in Certificate Manager.

Prerequisites

This task requires that:

  • The Certificate Controller (CC) is running.
  • The officer has the following role:
    • Revoke certificate OR
    • Revoke certificate with password

  • Enough information is known to identify the certificate in the database.
  • A search for the certificate(s) have been made as described in Search for certificates in Certificate Manager and the user certificate(s) to be revoked are all present in the result pane.

Revoke certificate
  1. In the CC application window, open the Action drop down list and select a reason.
  2. Select one or more certificates in the upper half of the result pane. (Press the Ctrl key on the keyboard to make multiple selections.) If you want to revoke several certificates in the same request, they will all be given the same reason code.

  3. Click Add to move the certificate(s) to the lower half of the result pane.

  4. Click Submit.

  5. If you have the role 'Revoke certificate with password', the dialog box Enter Revocation Password will appear. Enter the password and click OK.

  6. If you have the roles 'Revoke certificate' and 'Revoke certificate with password', the dialog box Verify Revocation will appear.
    1. You can revoke the certificate with password or without the password, provided that the certificate owner can present other data, only known by that certificate owner, and that these data can be verified by you (the officer).

    2. Check Verification made and click OK.

  7. Enter your PIN code in Signature PIN.
  8. Click OK.

Related information

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.