Entrust PKI as a Service

Changing the certificate status

See below to change the validity status of a certificate.

ℹ The CRL and OCSP services of the issuing CA report the validity status of a certificate. See Browsing certificates for how to get the URL of these services.

To change the validity status of a certificate:

  1. Follow the steps described in Accessing your partitions to log into the PKIaaS interface as a user with any of these roles:

  2. Click Certificate Authorities in the sidebar.

    IMG

  3. In the Certificate Authorities tab, click the name of the certificate authority that issued the certificate.

  4. Click the three dots ("…") to the right of the certificate.

    IMG

  5. Select one of the following options.

    ℹ See Browsing certificates for a reference of the certificate details.

Revoke Certificate

Select this option to invalidate the digital certificate before its expiry date. See the table below for the supported Revocation Reason values.

Revocation reason Description
Unspecified Unknown revocation reason.
Key Compromise The private key associated with the certificate became exposed, so the system should revoke the certificate to prevent unauthorized use.
CA compromise The certificate authority key was exposed, and revoking all the issued certificates mitigates risks.
Affiliation Changed The certificate holder no longer maintains affiliation with the organization that requested the certificate.
Superseded A newer certificate has replaced the certificate.
Cessation of Operation The entity or service associated with the certificate no longer operates.
Privilege Withdrawn The privileges or rights granted by the certificate no longer remain in effect.
AA Compromise The entity responsible for issuing or managing attributes associated with the certificate has been compromised.

Suspend Certificate

Select this option to invalidate the digital certificate for a specified period.

ℹ Unlike certificate revocation, which permanently invalidates a certificate, suspension typically happens when certain conditions or suspicions require to temporarily disable the certificate, but the certificate may be reinstated after resolving these conditions.

Unsuspend Certificate

Select this option to reverse the suspension of a certificate, making it valid again for use.