REVOKE_REASON - Universal Certificate configuration option
Description
The REVOKE_REASON option specifies the reason that a certificate is being revoked.
(Valid reasons for certificate revocation are defined as part of RFC 3280.)
Usage
Method | Syntax | IBM i | HP NonStop | UNIX | Windows | z/OS |
---|---|---|---|---|---|---|
Command Line, Short Form | n/a | |||||
Command Line, Long Form | -revoke_reason reason | |||||
Environment Variable | UCRREVOKEREASON=reason |
Values
reason is the reason a certificate is being revoked.
Universal Certificate accepts the following valid values for reason:
- unspecified
No reason is given. - keyCompromise
Subject's private key, or some other aspect of the subject, has been compromised. - caCompromised
CA private key, or some other aspect of the subject, has been compromised. - affiliationChange
Subject's name or other information in the certificate has changed. There is no reason to suspect the private key is compromised. - superseded
Certificate has been superseded by another certificate. There is no reason to suspect the private key is compromised. - cessationOfOperation
Certificate is no longer required for the purpose it was issued. There is no reason to suspect the private key is compromised. - privilegeWithdrawn
Privilege contained within the certificate is withdrawn.
Default is unspecified.