Revoking user certificates
- In the Certificate Manager dialog box, on the Certificate tab, expand Issued Certificates.
- Right-click the certificate to revoke and select Revoke. The Revoke Certificate dialog box is displayed.
-
Click the Detail tab to review the selected certificate.
This tab contains two panes with the same information as the View Certificate dialog box. It also has a No Revoke option that you can use to cancel revocation. If multiple certificates have been selected, then use Next and Previous to navigate among them.
- When you have finished reviewing the certificate, click the Main tab.
- In the CRL Valid Days or Expiration Date field, specify the number of days or a date in mm/dd/yyyy format. The expiration date cannot be before tomorrow or after the CA expiration date.
-
Click OK. The Revocation Successful
message dialog box displays the successful operation and explains how to enable the
revocation list.
This removes the selected certificate from the list in the Issued Certificates folder and adds them to the list in the Revoked Certificates folder.
Copy and paste the .crl file from the \server\certs\revoked folder to the \server\certs folder.
Note: The Revoked Certificates folder lists the date that the certificate would have expired if it had not been revoked.