PKI CA REVOKE

Level

pki,modify

History

Appears in Netasq 9.0.0
scope appears in 3.7.0
tpmpassword appears in 4.1.0

Description

Remove a CA and revoke all the certificates under (but not its sub-CAs) CACHE_CATEGORY pki

Usage

caname=<name>
[passphrase=<pass>] (mandatory if the CA has a private key)
[format=<pem|der>] (for output CRL, mandatory if the CA has a private key)
[reason=<unknow|keyCompromise|CACompromise|affiliationChanged|superseded|cessationOfOperation|certificateHold|privilegeWithdrawn|AACompromise>]
[topcapass=<pass>] (mandatory if the CA has a top-CA which has a private key)
[force=<0|1>] (used to remove an in-use CA)
[scope=<both|local|global>] (default is both)
[tpmpassword=<TPM password>]

Returns

a CRL file in the specified format, or an error code