Chapter 15. CMCRevoke (Signing a Revocation Request)

The CMC Revocation utility, CMCRevoke, signs a revocation request with an agent's certificate.

15.1. Syntax
링크 복사

This utility has the following syntax:

CMCRevoke -ddirectoryName -hpassword -nnickname -iissuerName -sserialNumber  -mreasonToRevoke -ccomment

CMCRevoke -ddirectoryName -hpassword -nnickname -iissuerName -sserialNumber  -mreasonToRevoke -ccomment

Copy to Clipboard

Toggle word wrap

Important

Do not have a space between the argument and its value. For example, giving a serial number of 26 is -s26, not -s 26.

Note

Surround values that include spaces in quotation marks.

Expand

Option	Description
`c`	Text comments about the request.
`d`	The path to the directory where the `cert8.db`, `key3.db`, and `secmod.db` databases containing the agent certificates are located. This is usually the agent's personal directory, such as their browser certificate database in the home directory.
`h`	The password to access the NSS database containing the agent's certificate.
`i`	The issuer name of the certificate being revoked.
`m`	The reason the certificate is being revoked. The reason code for the different allowed revocation reasons are as follows: 0 - Unspecified. 1 - Key compromised. 2 - CA key compromised. 3 - Affiliation changed. 4 - Certificate superseded. 5 - Cessation of operation. 6 - Certificate is on hold.
`n`	The nickname of the agent's certificate.
`s`	The decimal serial number of the certificate being revoked.

Note

Surround values that include spaces in quotation marks.

맨 위로 이동