In PKI, if an existing key is lost or compromised, rekeying a certificate generates a new key pair for the certificate. 


  • Rekeying a certificate will rekey the server certificates. 



  • In case of CSR and smart card token-based certificates, rekey certificate will create new artificiality against the same request and it will not revoke the previous certificate.



  • For expired or revoked certificates, rekeying will not be available. 



Admin will be able to view, decline or approve rekey requests.



         



Rekey Requests > Approve


Once an administrator requests approval, the existing certificate will be revoked, the reason of revoking the certificate will be 'Superseded' and the system will generate a new request and certificate. Each rekey request has an 'Old Request Number' in the requests details where the administrator can see the old request and its certificate. The request and request category status will be approved and an approval notification will be sent to the user. 


               



Rekey Requests > Decline


Once an administrator makes a request decline, the request category status will be declined and the certificate status will be changed to old status and a decline notification will be sent to the user.