The quorum-controlled certificate revocation for Code Signing certificates provides a secure mechanism for a Code Signing admin to revoke Code Signing certificates. The revocation process involves submitting a request that requires approval from multiple stakeholders. This workflow helps to prevent accidental or unauthorized revocations.

This topic provides the high-level process overview for securely revoking certificates between a trusted instance and a protected instance using a quorum-based approval workflow.

• Request creation and export (Trusted instance): Initiate a quorum certificate revocation by creating a request with the required configuration properties. Export the update set, which includes the revocation request and related data. See Export Revocation Request Configuration
• Import and approval (Protected instance): Import the update set into the protected instance. Approvers receive notifications and must complete the approval workflow before the certificate is deleted. See Import the revocation request configuration
• Optional MID Server restart: If enabled in the configuration, MID Servers on the protected instance are restarted after the certificate revocation. This forces immediate certificate resynchronization but can result in data loss for unprocessed or cached events. See Approve certificate revocation