Table of Contents
Advertisement
<server_root>/bin/cert/tools
This utility has the following syntax:
CMCRevoke -d<dir to cert8.db, key3.db> -n<nickname> -i<issuerName>
-s<serialName> -m<reason to revoke> -c<comment>
where
The directory where
-d
the agent certificate are located.
The nickname of the agent's certificate.
-n
-
The issuer name of the certificate being revoked.
i
The serial number of the certificate being revoked in decimal value.
-s
The reason the certificate is being revoked. Specify the reason code by
-m
providing the number associated with the revocation reason from the
following:
= Unspecified
0
= Key compromised
1
= CA key compromised
2
= Affiliation changed
3
= Certificate superseded
4
= Cessation of operation
5
= Certificate is on hold
6
Include any comments about the request.
-c
Note: Surround values that include spaces in quotation marks.
Testing CMC Revoke
Go to the following directory:
1.
<server_root>/bin/cert/tools
Create a CMC revocation request for a certificate that exists.
2.
,
, and
cert8.db
key3.db
CMCRevocation
containing
secmod.db
Chapter 14
Revocation and CRLs
597
Advertisement
Table of Contents
