Certificate revocation is a process in which a certificate's usage is terminated before the validity period expires.


This section lists all the certificate revocation requests. 


To revoke a certificate from the web portal:


  1. Navigate to the "Certificate Center" and click "Issued Certificates". 
  2. Click the button against the certificate that you want to revoke and click on "More Actions". 



  1. Certificate action screen will be displayed. Select "Revoke Certificate" from the drop down, select a reason for revocation, tick the confirmation checkbox and then click "Revoke". 


ADSS Web RA supports the following types of TLS certificates:

  • EVS TLS Server authentication
  • TLS Client authentication
  • TLS Server authentication


When an EV TLS Server authentication certificate is revoked, ADSS Web RA will support only the following revocation reasons:

 

  1. Key Compromise
  2. Affiliation Change 
  3. Superseded
  4. Cease of Operation 
  5. Privilege Withdrawn



The certificate will be revoked and it will appear in the Revocation Requests listing. 


Certificate Suspension 


Certificate suspension is an action that ensures temporary invalidity of a certificate. 


To suspend a certificate from the web portal:


  1. Navigate to the "Certificate Center" and click "Issued Certificates". 
  2. Click the button against the certificate that you want to suspend and click on "More Actions". 



  1. Certificate action screen will be displayed. Select "Revoke Certificate" from the drop down. Under the Certificate Revocation Reason select "Certificate Hold" and another drop down will appear. 

Select a reason for revocation, tick the confirmation checkbox and then click "Revoke". 



This certificate will appear as suspended in the revocation requests listing. 


Second Factor Authentication 


If second factor authentication is enabled on revocation requests, the configured authentication mechanism will function accordingly. When a user clicks on the Revoke button, the authentication window will appear. Once it accepts the selected method, and you enter the verification details, it will rekey a certificate. 


The authentication mechanism can be one of the following:


  • SMS OTP Authentication 
  • Email OTP Authentication 
  • Email & SMS Authentication
  • SAML Authentication 
  • Active Directory Authentication 
  • Azure Active Directory Authentication
  • OIDC Authentication



Reinstate Certificate


A user can reinstate a certificate that is suspended. 


To suspend a certificate from the web portal:


  1. Navigate to the "Certificate Center" and click "Issued Certificates". 
  2. Click the button against the suspended certificate that you want to reinstate and click on "More Actions". 



  1. Certificate action screen will be displayed. Select "Reinstate" from the action drop down. You can add an optional message, tick the confirmation checkbox and then click "Reinstate" to proceed. 



The certificate will be reinstated and appear in the Issued Certificate listing.