search

Revocation and Decommissioning

Revocation and Decommissioning ensure that certificates are properly invalidated and removed when they are no longer trusted or required.

Revocation is critical for responding to security incidents, key compromise, or policy violations.

hashtag
Certificate Revocation

CERTInext enables revocation by:

  • Initiating revocation requests with the issuing CA

  • Updating certificate status in inventory

  • Reflecting revocation in CRLs and OCSP (where applicable)

Revoked certificates are clearly marked and excluded from active lifecycle workflows.

hashtag
Decommissioning

Decommissioning completes the lifecycle by:

  • Removing certificates from servers and applications

  • Cleaning up keystores and certificate stores

  • Updating inventory status to prevent reuse

  • Preserving historical records for audit and compliance

Decommissioning ensures certificates do not linger in infrastructure after they are retired, reducing security and compliance risks.

PreviousRenewal and ReplacementNextemSign Overview

Last updated