![[Go to /]](/DutchGrid-logo-CA.gif){kind=logo}
DCA Root Service
DCA Root CA G1
Trusted Certificate Service TCS
Request your instant cert now
Guide and tools
Production CA (MS)
Overview
Manage Your Certificates
(for non-TCS users)
Find a local registrar
Classic interface
Help with your request
Host certificate requests
Submit your request
Download your certificate
Renew your certificate
Request revocation
Reliance information
Policy Statement
Reliance Information
NL e-Infra Zero
(training services)
Documentation
Legacy Cert Request Guide
Change a passphrase
RA OpsGuide
OpenSSL for Windows
eToken Guide
Links
EUGridPMA
IGTF
Privacy Policy
Request a revocation
Revocation of compromised certificates is essential to computer security. Worldwide. Please help us in protecting these resources!
Your own certificate has been compromised
If your own certificate has been compromised, if you have forgotten your passphrase, or when you suspect someone else, in any way, has gotten access to your private key, you must revoke your certificate at once. The impact on your (grid) activities is limited, since you can get a new certificate immediately by visiting an RA, and it will have the very same name -- so you do not need to re-register with your user community or virtual organsiation. And: you significantly help in protecting the ICT infrastructure world-wide. A small impact for you, and a big help in reducing cyberthreats.
I am a relying party and observe suspicious behaviour
If you are a relying party, computer centre, or anyone else, and you
have serious suspicions against a certificate issues by the DutchGrid CA,
please report it to us, and provide sufficient details to us to evaluate
the compromise. The CA needs reasonable evidence that either (i) the
private key has become compromised or (ii) that the certificate
is used to authenticate for purposes that are incompatible with the
permitted use of the certificate, namely that the user has used the
certificate for actions that are incompatible with the "purpose of
cross-organisational distributed resource access, solely in the context
of academic and research and similar, not-commercially competitive,
applications" (CP/CPS section 1.1). Please bear in mind that we cannot
normally release subscriber information for privacy reasons, but we
can contact the subscriber ourselves if needed.
Providing excerpts of log files showing either compromise or suspect
behaviour can help us evaluate the situation. You should send
confidential information in an encrypted form to
the CA managers. If you have information that should not be shared
with the suspected subscriber, please indicate such material clearly.
I (still) have access to the private key
If you have access to the private key, whether you are the original owner of the certificate or you are a third party that has accidentally obtained access to the unencrypted private key, please use it to send a digitally signed revocation request by email to the CA at ca@dutchgrid.nl. You can send such a signed email through your regular email client (importuing the certificate if needed), or through a set of command-line steps explained in the S/MIME email manual.
Sending an unsigned revocation request
Please complete this form to request revocation. The CA will react to it as soon as reasonably possible to legitimate requests.