Free Trial

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint
Share this Page URL
Help

II. Establishing a PKI > 10. Certificate Revocation

Chapter 10. Certificate Revocation

Certificate revocation is necessary when you must terminate a certificate’s usage before the validity period expires. When a certificate is revoked, a certificate manager must select the certificate to revoke in the Certification Microsoft Management Console (MMC) console as well as provide a reason for revocation. The serial number of the certificate is then stored in the CA’s database with a reason code specifying why the certificate was revoked, which can then be used to publish a certificate revocation list (CRL).

Note

Note

To revoke a certificate, a user must be assigned the Issue and Manage Certificates permission at the certification authority (CA) that issued the certificate. In addition, if certificate manager restrictions are implemented, the certificate manager must be allowed to manage the target user or a group containing the user, and the certificate must be based on a certificate template the certificate manager is allowed to revoke for that target user or group.


  

You are currently reading a PREVIEW of this book.

                                                                                                                    

Get instant access to over $1 million worth of books and videos.

  

Start a Free 10-Day Trial


  
  • Safari Books Online
  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint