Certificate revocation is necessary when you must terminate a certificate’s usage before the validity period expires. When a certificate is revoked, a certificate manager must select the certificate to revoke in the Certification Microsoft Management Console (MMC) console as well as provide a reason for revocation. The serial number of the certificate is then stored in the CA’s database with a reason code specifying why the certificate was revoked, which can then be used to publish a certificate revocation list (CRL).

Note

To revoke a certificate, a user must be assigned the Issue and Manage Certificates permission ...