revoke-cert − revoke certificate issued by etoken-ca
revoke-cert <serial number(s)>
Commandline tool, to be run as root, for requesting revocation of one or more certificates. The tool will process each provided serial number, verifying that the certificate is still marked valid and asking for confirmation from the user. Serial number(s) must be given in hexadecimal, leading zeroes are added automatically where needed, see example below.
For each entry a symlink will be created in the /var/cache/etoken-ca/revocation and the etoken-ca-server will be signalled to process the requests and update the CRL. The tool will wait for the daemon to finish producing a CRL for at most 5 seconds.
All configuration is done via sysconfig variables set in /etc/sysconfig/etoken-ca.
revoke-cert f 1A 2b
Configuration file for etoken-ca-client, etoken-ca-server and revoke-cert.
OpenSSL CA directory
Directory for symlinks to to-be-revoked certificates.
Please report any errors to the Nikhef Grid Middleware Security Team <email@example.com>.
etoken-ca(5), etoken-ca-server(8), etoken-ca-client(1), ca(1ssl)
Written by Mischa Sallé
Copyright © 2016- FOM-Nikhef