revoke-cert

NAME
SYNOPSIS
DESCRIPTION
EXAMPLES
FILES
EXIT VALUES
BUGS
SEE ALSO
AUTHORS
COPYRIGHT

NAME

revoke-cert − revoke certificate issued by etoken-ca

SYNOPSIS

revoke-cert <serial number(s)>

DESCRIPTION

Commandline tool, to be run as root, for requesting revocation of one or more certificates. The tool will process each provided serial number, verifying that the certificate is still marked valid and asking for confirmation from the user. Serial number(s) must be given in hexadecimal, leading zeroes are added automatically where needed, see example below.

For each entry a symlink will be created in the /var/cache/etoken-ca/revocation and the etoken-ca-server will be signalled to process the requests and update the CRL. The tool will wait for the daemon to finish producing a CRL for at most 5 seconds.

All configuration is done via sysconfig variables set in /etc/sysconfig/etoken-ca.

EXAMPLES

revoke-cert 0E
revoke-cert f 1A 2b

FILES

/etc/sysconfig/etoken-ca

Configuration file for etoken-ca-client, etoken-ca-server and revoke-cert.

/var/lib/myproxyca

OpenSSL CA directory

/var/cache/etoken-ca/revocation

Directory for symlinks to to-be-revoked certificates.

EXIT VALUES

0

Success.

1

Failure.

BUGS

Please report any errors to the Nikhef Grid Middleware Security Team <grid-mw-security-support@nikhef.nl>.

SEE ALSO

etoken-ca(5), etoken-ca-server(8), etoken-ca-client(1), ca(1ssl)

AUTHORS

Written by Mischa Sallé

COPYRIGHT

Copyright © 2016- FOM-Nikhef