SSL Certificates Service allows you to revoke issued certificates and delete expired or revoked certificates. If you revoke a certificate, it is deregistered from the certificate authority (CA). After a certificate is revoked, it can no longer be used for encryption or used to verify trusted websites. If you delete a certificate, its resources are deleted from SSL Certificates Service.
When do I need to revoke a certificate? What are the limits to certificate revocation?
- The information that you specified to apply for a certificate is not correct, but the certificate is issued. In this case, you must revoke the certificate before you can resubmit the application that includes correct information.
- A certificate is issued, but the domain names bound to the certificate need to be replaced.
- You no longer need a certificate.
- For security reasons, a certificate is no longer used.
No limits are imposed on certificate revocation. You can submit a revocation request at all times. For more information, see Revoke certificates.
What are the limits to certificate deletion?
- Certificates purchased and issued by using SSL Certificates Service:
- If the certificate has not expired, it can be deleted only after revocation.
- If the certificate has expired, it can be deleted at any time.
- Manually uploaded certificates that are purchased on third-party platforms can be deleted at any time.