Testing Cmc Revoke - Red Hat CERTIFICATE SYSTEM 7.1 - ADMINISTRATOR Administrator's Manual

where
The directory where
-d
agent certificate are located.
The nickname of the agent's certificate.
-n
- The issuer name of the certificate being revoked.
i
The serial number of the certificate being revoked in decimal value.
-s
The reason the certificate is being revoked. Specify the reason code by
-m
providing the number associated with the revocation reason from the
following:
= Unspecified
0
= Key compromised
1
= CA key compromised
2
= Affiliation changed
3
= Certificate superseded
4
= Cessation of operation
5
= Certificate is on hold
6
Include any comments about the request.
-c
Note: Surround values that include spaces in quotation marks.

Testing CMC Revoke

Go to the following directory:
1.
<server_root>/bin/cert/tools
Create a CMC revocation request for a certificate that exists.
2.
.\CMCRevoke -d<dir to cert8.db, key3.db> -n<nickname>
-i<issuerName> -s<serialName> -m<reason to revoke> -c<comment>
For example, if the directory containing the agent certificate is
of the certificate is
certificate is , the command would look like this:
22
,
cert8.db key3.db
RegistartionManagerAgentCert
, and containing the
secmod.db
.redhat
, and the serial number of the
Chapter 15 Revocation and CRLs
CMCRevocation
, the nickname
573