REVOKE_REASON - Universal Certificate configuration option

Description

The REVOKE_REASON option specifies the reason that a certificate is being revoked.

(Valid reasons for certificate revocation are defined as part of RFC 3280.)

Usage

Method

Syntax

IBM i

HP NonStop

UNIX

Windows

z/OS

Command Line, Short Form

n/a






Command Line, Long Form

-revoke_reason reason



(tick)

(tick)

(tick)

Environment Variable

UCRREVOKEREASON=reason



(tick)

(tick)

(tick)

Values

reason is the reason a certificate is being revoked.

Universal Certificate accepts the following valid values for reason:

  • unspecified
    No reason is given.
  • keyCompromise
    Subject's private key, or some other aspect of the subject, has been compromised.
  • caCompromised
    CA private key, or some other aspect of the subject, has been compromised.
  • affiliationChange
    Subject's name or other information in the certificate has changed. There is no reason to suspect the private key is compromised.
  • superseded
    Certificate has been superseded by another certificate. There is no reason to suspect the private key is compromised.
  • cessationOfOperation
    Certificate is no longer required for the purpose it was issued. There is no reason to suspect the private key is compromised.
  • privilegeWithdrawn
    Privilege contained within the certificate is withdrawn.

Default is unspecified.