Help Center> Cloud Certificate Manager> Private Certificate Authority (PCA)> Private Certificate Management> Revoking a Private Certificate
Updated on 2022-11-18 GMT+08:00
View PDF

Revoking a Private Certificate

If a private certificate is no longer needed or its private key is lost before it expires, you can revoke it on the console. If a private certificate is revoked, it is no longer trusted within the organization.

If a private certificate is revoked, the billing stops.

The following describes how to revoke a private certificate.

Prerequisites

The private certificate is in the Issued state.

Constraints

  • After you apply for revoking a private certificate, your application cannot be withdrawn. Exercise caution when performing this operation.
  • All its records will be cleared and cannot be recovered, including private CA records. Therefore, exercise caution when performing this operation.

Procedure

  1. Log in to the management console.
  2. Click in the upper left corner of the page and choose Security & Compliance > Cloud Certificate Management Service. In the navigation pane on the left, choose Private Certificate Management > Private Certificate. The Private Certificate page is displayed.
  3. Locate the row of the desired private certificate and click Revoke in the Operation column.

    Figure 1 Revoking a private certificate

  4. In the displayed dialog box, enter REVOKE and select the revocation reason to confirm the revocation. The default revocation reason is in the UNSPECIFIED field. Table 1 describes the revocation reasons you can select.

    Figure 2 Revoke Certificate
    Table 1 Revocation reasons and meaning

    Reason for Revocation

    Reason Code in RFC 5280

    Description

    UNSPECIFIED

    0

    Default value. No reason is specified for revocation.

    KEY_COMPROMISE

    1

    The certificate key material has been leaked.

    CERTIFICATE_AUTHORITY_COMPROMISE

    2

    Key materials of the CA have been leaked in the certificate chain.

    AFFILIATION_CHANGED

    3

    The subject or other information in the certificate has been changed.

    SUPERSEDED

    4

    The certificate has been replaced.

    CESSATION_OF_OPERATION

    5

    The entity in the certificate or certificate chain has ceased to operate.

    CERTIFICATE_HOLD

    6

    The certificate should not be considered valid currently and may take effect in the future.

    PRIVILEGE_WITHDRAWN

    9

    The certificate no longer has the right to declare its listed attributes.

    ATTRIBUTE_AUTHORITY_COMPROMISE

    10

    The authority that warrants the attributes of the certificate may have been compromised.

  5. Click OK.

    When "Certificate xxx revoked successfully" is displayed in the upper right corner of the page, and the private certificate status changes to Revoked, the private certificate is revoked successfully.