Ask a Question

Advanced Search

Solution ID : SO9717

Last Modified : 06/25/2018

Partner: How to Revoke a Certificate

Problem

Partner Center
Partner Program
ISP
End User Portal

A certificate should be revoked if there is any security concern such as a compromised or lost private key. Revoking a certificate indicates it should no longer be trusted and usable.  Additionally for Code Signing certificates, end users downloading code will receive a warning the content should not be trusted.  It is recommended you recall all code previously signed with this certificate. A new Code Signing certificate will need to be obtained to continue signing code under the same name.

Important: Revoking a certificate is irreversible, and cannot be recovered.

Revocation Agreement

By clicking Revoke, you confirm that you understand that revoking this certificate will make it unusable and that you have been advised that all code previously signed with this certificate should be recalled.

Solution

These instructions apply to SSL and Code Signing Certificate orders placed through the Partner Center 

  • Online revocation (Thawte and Symantec) and cancellation (All brands) are available for the life of the certificate. If more than 30 days have passed, the revocation and cancellation options are still available to cancel an order, but without a refund.
  • If you wish to reissue/replace the certificate, please see, Partner: How to Reissue a Certificate.


Revocation Process

Revocation support for individual SSL certificates is available via the End User Portal and Customer Support.


End User Portal – Revocation Process

To revoke an SSL certificate via the End User Portal follow the steps below:

  1. Log into your Partner Center account and select End User Portal from the main menu, or visit one of the following brand URLs

    Symantec
    Thawte
    GeoTrust or RapidSSL

  2. You will be asked to enter the following:

    - Fully qualified domain name (Common Name) of the certificate (Organization Name for Code Signing)
    - A contact e-mail address listed in the certificate order (Corporate or Technical Contact)
    - The 5-digit number displayed in the image 
     
  3. Click Continue. A list of all certificates that meet the Common Name and contact e-mail criteria will appear.
  4. Under the View Order Information column, click the Request Access button next to the order being reissued
  5. An e-mail will be sent to the contact e-mail address provided with a link to the Order Access page
  6. Click the link to access the page, the details of the certificate order will appear.
  7. To Cancel an order (revokes all associated certificates), click Cancel Order under manage order.
  8. To Revoke a certificate (no refund) on the left-hand side of the page, click Revoke Certificate
  9. On the next page click the check box next to the certificate you want to revoke
  10. Click ‘I Approve’ to complete the revocation request.

Customer Support – Revocation Process

To revoke an individual SSL certificate through Customer Support follow the steps below:

  1. To initiate the revocation process please Contact Partner Support: https://www.websecurity.symantec.com/support/contact                                                                                                                                                                                                             
  2. Please include the following information in your revocation request (or fill in the attached forms and send to Partner Support):
     
    • Product Brand/Type (e.g. - GeoTrust True BusinessID)
    • Order Number
    • Common Name
    • Certificate Serial Number
    • Issuance Date (Optional)
    • (For GeoTrust/RapidSSL certificates with multiple copies only) Specify each certificate Serial Number that you want to revoke if you only want certain copies revoked; otherwise all certificate copies will be revoked with this request.  How to locate the serial number of an SSL certificate
       
  3. This process is available to partner contacts.