WAS v8.5 > Secure applications > Secure communications > Create an SSL configuration

Revoking a CA certificate in SSL

If a certificate authority (CA) certificate is compromised and the servers cannot trust it anymore that CA certificate can be revoked. To revoke a CA certificate, you perform the following task.

Use dmgr console to replace or revoke a CA certificate.

1. Click Security > SSL certificate and key management.

2. Under Related Items, click Key stores and certificates.

3. Click a <keystore name> to which to add the new CA certificate.

4. Under Additional Properties, click Personal certificates to list the personal certificates.

5. Select a certificate to revoke (a CA certificate)

6. Click the Revoke button.
7. Fill in the following information to the CA certificate section.
   • Revocation password
   • Revocation reason

8. Click Apply then OK.

Results

The certificate is revoked in the key store selected in the path. If the certificate selected was not a CA certificate, then an error is returned.

Related

Create an SSL configuration

Reference:

PersonalCertificateCommands command group for AdminTask

+

Search Tips   |   Advanced Search