System information
Revocation Automation Utility
The revoker utility sends revocation requests to the CA agent interface to revoke certificates.
To access the interface, revoker needs to have access to an agent certificate that is acceptable
to the CA.
The revoker tool can do all of the following:
• Specify which certificate or a list of certificates to revoke by listing the hexadecimal serial
numbers.
• Specify a revocation reason.
• Specify an invalidity date.
• Unrevoke a certificate that is currently on hold.
1. Syntax
The revoker utility has the following syntax:
revoker -s serialNumber -n rsa_nickname [-p password | -w passwordFile]
        [-d dbdir] [-v] [-V] [-u] [-r reasoncode] [-i numberOfHours]
        hostname:[port]
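An added example, not taken from the original guide: a POSIX shell wrapper that checks the serial number and the password file before calling revoker with the options from the syntax above. It passes the password with -w rather than -p so that the password does not appear in the process list. The REVOKER_DRY_RUN switch, the acceptance of an optional 0x prefix, and all argument values are assumptions of this example.

```sh
#!/bin/sh
# Added example: pre-flight checks before invoking revoker.
# Assumptions (not from the guide): REVOKER_DRY_RUN, the optional 0x prefix,
# and the return codes 2 and 3.

# Usage: revoke_cert SERIAL NICKNAME PASSWORD_FILE DBDIR HOST PORT
# Returns 2 for a malformed serial, 3 for an unsafe password file,
# otherwise the exit status of revoker.
revoke_cert() {
    serial=$1 nick=$2 pwfile=$3 dbdir=$4 host=$5 port=$6

    # -s takes a hexadecimal serial number: reject anything that is not hex.
    hex=${serial#0x}
    case $hex in
        ''|*[!0-9A-Fa-f]*) echo "bad serial: $serial" >&2; return 2 ;;
    esac

    # The -w password file protects the certificate database, so it must be
    # a regular file with no group or other permission bits set.
    [ -f "$pwfile" ] || { echo "no password file: $pwfile" >&2; return 3; }
    perms=$(ls -ld "$pwfile" | cut -c5-10)
    [ "$perms" = "------" ] || {
        echo "password file is group/other accessible: $pwfile" >&2
        return 3
    }

    # Build the argument list; -p is deliberately never used here because
    # command-line arguments are visible to other local users.
    set -- -s "$serial" -n "$nick" -w "$pwfile" -d "$dbdir" "$host:$port"

    if [ "${REVOKER_DRY_RUN:-0}" = 1 ]; then
        printf '%s\n' "$@"      # one argument per line, for review
    else
        revoker "$@"
    fi
}
```

With REVOKER_DRY_RUN=1 the function prints the arguments it would pass instead of contacting the CA.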
Option  Description
s       Gives the serial numbers in hexadecimal of the certificates to revoke.
n       Gives the agent certificate nickname.
p       Gives the certificate database password. Not used if the -w option is used.
w       Optional. Gives the path to the password file. Not used if the -p option is used.
d       Optional. Gives the path to the security databases.
v       Optional. Sets the operation in verbose mode.
V       Optional. Gives the version of the revoker tool.
u
r       Gives the reason to revoke the certificate. The following are the possible reasons: