Entrust PKI as a Service

Changing the certificate status

See below to change the validity status of a certificate.

ℹ The CRL and OCSP services of the issuing CA report the validity status of a certificate. See Browsing certificates for how to get the URL of these services.

To change the validity status of a certificate:

  1. Follow the steps described in Accessing your partitions to log into the PKIaaS interface as a user with any of these roles:

  2. Click Certificate Authorities in the sidebar.

    PNG

  3. In the Certificate Authorities tab, click the name of the certificate authority that issued the certificate.

  4. Click the three dots to the right of the certificate.

    PNG

  5. Select one of the following options.

    ℹ See Browsing certificates for a reference of the certificate details.

Revoke Certificate

Select this option to invalidate the digital certificate before its expiration date. See the table below for the supported Revocation Reason values.

Revocation reason Description
Unspecified Unknown revocation reason.
Key Compromise The private key associated with the certificate has been compromised, and therefore, the certificate should be revoked to prevent unauthorized use.
CA compromise The certificate authority is compromised, and revoking all the issued certificates mitigates risks.
Affiliation Changed The certificate holder is no longer affiliated with the organization that requested the certificate.
Superseded A newer certificate has replaced the certificate.
Cessation of Operation The entity or service associated with the certificate is no longer operational.
Privilege Withdrawn The privileges or rights granted by the certificate have been withdrawn.
AA Compromise The entity responsible for issuing or managing attributes associated with the certificate has been compromised.

Suspend Certificate

Select this option to invalidate the digital certificate for a specified period.

ℹ Unlike certificate revocation, which permanently invalidates a certificate, suspension is typically used when there is a need to temporarily disable the certificate due to certain conditions or suspicions, but the certificate may be reinstated later if those conditions are resolved.

Unsuspend Certificate

Select this option to reverse the suspension of a certificate, making it valid again for use.