Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

PKI certificate revocation

In PKI how do I revoke client's certificates? I know I can do

crypto pki server NAME revoke 1

but how do I know serial number if I don't have access to the device with certificate I want to revoke? Let's say the device is stolen and I don't want anybody to have access to my network via that device. Is there any way to view a list of certificates that were granted? Or am I doing something completly wrong and it doesn't work like this?

Everyone's tags (1)
4 REPLIES
Cisco Employee

You can see certificates

You can see certificates granted by this CA (their CN and serial numbers). 

"show crypto pki server certificates"

http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/security/s1/sec-s1-cr-book/sec-cr-s3.html#wp2218130757

 

 

New Member

Don't have this command on

Don't have this command on router with configured CA.

#sh crypto pki server ?
  |  Output modifiers
  <cr>

Are there special requirements for this comand?

 

Cisco Employee

Probably IOS version. Minimum

Probably IOS version. Minimum of 12.4(20)T.

 

New Member

I've got  12.4(13b). Is there

I've got  12.4(13b). Is there any other way?

31
Views
0
Helpful
4
Replies