Managing revoked certificates

honamiUeo
Tera Contributor

Hello
I have installed the Certificate Inventory and Management plugin
If you are running Discovery and manually managing it after discovery without using it as certificate management automation,
Is certificate revocation detected by discovery and is it possible to update the status field in the certificate record?
Does OCSP checking affect certificate management?
thank you.

 

ref

https://noderegister.service-now.com/kb?id=kb_article_view&sysparm_article=KB1080475

4 REPLIES 4

Viraj Hudlikar
Giga Sage

Hello @honamiUeo 

 

Yes, but it will be more complex to handle this all revocation and get appended over certificate record. I would suggest going for Store plugin ServiceNow Store - Certificate Inventory and Management

 

You can explore more over docs site - https://www.servicenow.com/docs/csh?topicname=cert-inventory-mgmt.html&version=latest

 

To understand overview of CIM - Overview of Certificate Inventory and Management - Now Learning & Certificate Inventory and Management Administration - Now Learning

 

If my response has helped you hit helpful button and if your concern is solved do mark my response as correct.

 

Thanks & Regards
Viraj Hudlikar.

Hello @Viraj Hudlikar 

 Thank you for your reply.
A certificate management plugin has already been installed.
On top of that, if a revoked certificate is collected, I would like to know what changes will be made to the status item in the certificate record.
I would appreciate it if you could tell me if it's embarrassing.
thank you.

Hello@honamiUeo - 

 

When a revoked certificate is collected in ServiceNow's Certificate Management plugin, the status of the certificate record will typically be updated to reflect its revoked state. This change is usually indicated by setting the status field to "Revoked".

It's not embarrassing at all to ask about this! Managing certificates, especially handling revocations, is crucial for maintaining security and compliance.

 

If my response has helped you hit helpful button and if your concern is solved do mark my response as correct.

 

Thanks & Regards
Viraj Hudlikar.

Pratiksha
Mega Sage
Mega Sage

You can check these always with the team who are managing the certificate. The major reasons for certicate to be revoked are as follows : 

 

Why revoke a certificate? 

A certificate's private key may have been compromised
The certificate holder's identity may no longer be valid
The certificate may have been issued incorrectly
The domain it was issued for may no longer be active
It can be anything else too. Always better to talk to teams involved in managing these. We assigned the tickets directly to them so they can take the respective actions.