Revoking CertificatesChapter 3 Finding and Revoking Certificates 53The certificate is shown in base-64 encoded form at the bottom of the Certificatepage, under the heading “Installing this certificate in a server.” In addition to itsuse with servers, this encoded form of the certificate can be used by CMSadministrators and Data Recovery Manager agents for setting up new agents andrecovering private encryption keys, respectively. (For more information on keyrecovery, see “Finding and Recovering Keys” on page 65 in Chapter 5.)Revoking CertificatesOnly Certificate Manager agents can revoke certificates other than their own. Youneed to revoke a certificate if one of the following situations occurs:• The owner of the certificate has changed status and no longer has the right touse the certificate.• The private key of a certificate owner has been compromised.To revoke one or more certificates, you must search for the certificates you want torevoke using the Revoke Certificates button. While the search is similar to the oneinvoked by Search for Certificates, the Search Results form returned by this searchgives you the option of revoking one or all of the found certificates.Searching for Certificates to RevokeTo search for one or more certificates to revoke:1. Go to the Certificate Manager Agent Services page (see “Accessing AgentServices” on page 23).You must submit the proper client certificate to get access to this page.2. Click Revoke Certificates.The search form that appears has the same search criteria sections as the Searchfor Certificates form.3. Specify the search criteria by selecting the checkboxes for the sections you wantto use, then filling in the required information.For details on search criteria, see “Advanced Certificate Search” on page 47.4. Scroll to the bottom of the form and select a number of matching certificates todisplay.