The RevokeCertificate command is a shell script included with the Demo CA optional component. It revokes an existing certificate
in an existing instance of the Demo CA. See
About the Demo CA for more information.
Syntax:
RevokeCertificate DemoCA-directory certificate-path
Parameters:
- DemoCA-directory
- The directory containing your existing Demo CA instance.
- certificate-path
- The path to a file containing the certificate to be revoked.
Note: Each Demo CA instance includes copies of all the certificates it has signed, under the entities directory and under the
intermediate/certs directory; these copies can be used to revoke specific certificates.
Comments:
Revoking a certificate in Demo CA informs the CA that the certificate is no longer valid. It updates the Demo CA instance's
database of certificates, and also updates the Certificate Revocation List (CRL) that Demo CA maintains.
Note: That
Enterprise Developer components do not currently make use of the CRL.
The main purpose in revoking a certificate in Demo CA is to make the same certificate identity Distinguished Name (DN) available
for a new certificate to use.
The
Enterprise Developer product must be configured properly in the shell environment before invoking this script.