Various circumstances can invalidate a certificate
before the expiration date. Some examples are a change of name,
change of association between subject and certificate authority
(for example, an employee terminates employment), and compromise
(known or suspected) of the private key. Under such circumstances, the
certificate authority (CA) that issued the certificate must revoke
it. The following task describes how to revoke a certificate for
which the firewall is the CA.
If the firewall supports multiple virtual systems, the
tab displays a
the virtual system to which the certificate belongs.
Select the certificate to revoke.
. PAN-OS immediately
sets the status of the certificate to revoked and adds the serial
number to the Online Certificate Status Protocol (OCSP) responder
cache or certificate revocation list (CRL). You need not perform