Revoking a Certificate

Should you believe that the security of a DOEGrids personal, host, or service certificate has been compromised please follow the appropriate instructions below.

Revoking Your Personal Certificate

1. Using the web browser that you used to request and retrieve your certificate, click here to open the User Certificate Revocation form.
2. Choose a reason for revoking your certificate.
3. Click the Submit button.
4. After you click the Submit button, a window will pop up with a list of certificates you can send to the server. Select your DOEGrids certificate you want to revoke from this window.
5. Notify the OSG RA by email that you have revoked your certificate and provide some details about why you did so.
6. Follow any procedures outlined by your organization or site regarding compromised security credentials.

Revoking Your Host/Service Certificate

1. Make sure that the GLOBUS_LOCATION environment variable is defined by sourcing the setup.sh located in the VDT_LOCATION directory.
2. In your shell execute

   # grid-cert-info -cert PATH -subject

   where PATH is the path to the host or service certificate you wish to revoke. This will print out the subject name of the certificate in question.
3. Send the output from the above command to the OSG RA by email. State clearly in your email that you wish to have the certificate corresponding to the included subject revoked. Please include some details about why you are requesting the certificate be revoked.
4. Follow any procedures outlined by your organization or site regarding compromised security credentials.

-- KyleGross - 27 Sep 2007