Skip to content

Revoke-TppCertificate

SYNOPSIS

Revoke a certificate

SYNTAX

Revoke-TppCertificate [-Path] <String> [[-Reason] <Int32>] [[-Comments] <String>] [-Disable] [-Wait] [-Force]
 [[-VenafiSession] <PSObject>] [-WhatIf] [-Confirm] [<CommonParameters>]

DESCRIPTION

Requests that an existing certificate be revoked.

EXAMPLES

EXAMPLE 1

$cert | Revoke-TppCertificate -Reason 2
Revoke the certificate with a reason of the CA being compromised

EXAMPLE 2

$cert | Revoke-TppCertificate -Force
Revoke the certificate bypassing the confirmation prompt

EXAMPLE 3

Revoke-TppCertificate -Path '\VED\Policy\My folder\app.mycompany.com' -Reason 2 -Wait
Revoke the certificate with a reason of the CA being compromised and wait for it to complete

PARAMETERS

-Path

Full path to a certificate

Type: String
Parameter Sets: (All)
Aliases: DN, CertificateDN

Required: True
Position: 1
Default value: None
Accept pipeline input: True (ByPropertyName, ByValue)
Accept wildcard characters: False

-Reason

The reason for revocation of the certificate:

0: None
1: User key compromised
2: CA key compromised
3: User changed affiliation
4: Certificate superseded
5: Original use no longer valid
Type: Int32
Parameter Sets: (All)
Aliases:

Required: False
Position: 2
Default value: 0
Accept pipeline input: False
Accept wildcard characters: False

-Comments

Optional details as to why the certificate is being revoked

Type: String
Parameter Sets: (All)
Aliases:

Required: False
Position: 3
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Disable

The setting to manage the Certificate object upon revocation. Default is to allow a new certificate to be enrolled to replace the revoked one. Provide this switch to mark the certificate as disabled and no new certificate will be enrolled to replace the revoked one.

Type: SwitchParameter
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: False
Accept pipeline input: False
Accept wildcard characters: False

-Wait

Wait for the requested revocation to be complete

Type: SwitchParameter
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: False
Accept pipeline input: False
Accept wildcard characters: False

-Force

Bypass the confirmation prompt

Type: SwitchParameter
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: False
Accept pipeline input: False
Accept wildcard characters: False

-VenafiSession

Authentication for the function. The value defaults to the script session object $VenafiSession created by New-VenafiSession. A TPP token or VaaS key can also provided. If providing a TPP token, an environment variable named TppServer must also be set.

Type: PSObject
Parameter Sets: (All)
Aliases:

Required: False
Position: 4
Default value: $script:VenafiSession
Accept pipeline input: False
Accept wildcard characters: False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type: SwitchParameter
Parameter Sets: (All)
Aliases: wi

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Confirm

Prompts you for confirmation before running the cmdlet.

Type: SwitchParameter
Parameter Sets: (All)
Aliases: cf

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

CommonParameters

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.

INPUTS

TppObject or Path

OUTPUTS

PSCustomObject with the following properties:

Path - Path to the Certificate

Status - InProgress, Revoked, or Error

Warning/Error - additional info

NOTES

http://VenafiPS.readthedocs.io/en/latest/functions/Revoke-TppCertificate/

https://github.com/Venafi/VenafiPS/blob/main/VenafiPS/Public/Revoke-TppCertificate.ps1

https://docs.venafi.com/Docs/current/TopNav/Content/SDK/WebSDK/r-SDK-POST-Certificates-revoke.php