Before a private certificate expires, if you no longer want to use the private certificate, you can revoke it in the SSL Certificates Service console. Revoked private certificates are no longer trusted by the internal environments of enterprises.


  • A private certificate is issued by a private certificate authority (CA). For more information about related operations, see Apply for a private certificate.
  • The private certificate remains valid.


  1. Log on to the SSL Certificates Service console.
  2. In the left-side navigation pane, click Private Certificates.
  3. Find the private CA that you want to use, and click Certificates in the Actions column.
  4. On the Certificates page, find the private certificate that you want to revoke, and then click Revoke in the Actions column.
  5. In the Confirmation message, click Revoke.
    After confirmation, the private certificate is immediately revoked. After the value in the Status column for the private certificate changes to Revoke, you can click Delete to delete the private certificate from the list.