Revoking a Certificate Version
Revoke a certificate version to stop its use before its scheduled expiration.
A certificate authority (CA) revokes a certificate version when the certificate version becomes invalid before the end of its validity period. A certificate version might become invalid if the name of its owner changes, if the relationship or association between a certificate subject and the issuing CA changes, or if the private key of the certificate is compromised or suspected to be compromised. Revocations are immediate and you can't reverse them.
The Certificates service supports the revocation only of resources issued by an internal CA. You can't use the service to revoke an externally managed or imported certificate. You also can't revoke a CA version for a root CA.
-
Select the Actions menu (
) for the certificate version, and select Revoke Version.
-
Select the Actions menu (
Use the oci certs-mgmt certificate-version revoke command and required parameters to revoke a certificate version:
oci certs-mgmt certificate-version revoke --certificate-id <certificate_OCID> --version-number <certificate_version_number>For example:
oci certs-mgmt certificate-version revoke --certificate-id ocid1.certificate.oc1.<region>.<unique_ID> --version-number 2For a complete list of flags and variable options for CLI commands, see the CLI Command Reference.
Run the RevokeCertificateVersion operation to revoke a certificate version.