3.12 Setting the effective revocation date
You can configure MyID to set the Effective Revocation Date on the CA to one of the following:
-
The date and time the CA received the request.
-
The date and time MyID revoked the certificate.
This may make a difference if the CA is temporarily unreachable.
For example:
- The MyID operator revokes the certificate at 0900.
- MyID sends the request to the CA at 0900.
- The CA is offline, so does not receive the request until 1000.
- At 1000, the certificate is marked as revoked on the CA.
-
The effective revocation date is set as follows:
-
If the Effective Revocation Immediate option is Yes, the effective revocation date is set to 1000 – the time the CA received the request.
-
If the Effective Revocation Immediate option is No, the effective revocation date is set to 0900, the time the operator revoked the certificate in MyID.
The difference determines whether any operations that were carried out using the certificate between 0900 and 1000 are valid.
-
To set the effective revocation option:
-
From the Configuration category, select Operation Settings.
-
On the General tab, set the following option:
-
Effective Revocation Immediate – set to one of the following:
- Yes – the effective revocation date on the CA is set to the time the CA receives the request.
-
No – the effective revocation date on the CA is set to the time the certificate is revoked in MyID.
-
- Click Save changes.