A smart card can be revoked by operator (or user, if the corresponding settings of the smart card usage policy are defined) in case of damage, loss, card update, withdrawal or compromise.

If the Revoke certificate at card revoking/disabling option is enabled in certificate template properties of the smart card usage policy, then such certificates, stored on the card would be irreversibly revoked.

To revoke a user smart card, proceed as follows:

  1. Switch to Users tab and search for the user.
  2. Switch to the User card by clicking his or her username in the search results.
  3. Select the necessary card and open its data.
  4. Click Revoke.
  5. Define the revocation reason:
    • Card broken – the card is out of order or destroyed.
    • Card lost – the card is lost or it is impossible to define its location.
    • Card update – the card has to be updated (for instance, in case the old smart card is replaced by a new one).
    • Card withdraw – the card is removed from the system due to the employee quitting (default).
    • Card compromise – suspicion that the key was compromised, while the smart card is not lost and serviceable.

6. Click Revoke, if the card is available or creates a task on the agent by selecting the Clean card on agent option.

If the card is revoked due to loss or compromise, then all the certificates written to it, would be revoked even if the Revoke certificate at card revoking/disabling option is disabled.

The card revocation reason is displayed in the user card. If attempting to use the revoked smart card for authentication, the user receives a notification of that his/her certificates are revoked.


  • No labels