[prev in list] [next in list] [prev in thread] [next in thread] List: packetfence-users Subject: Re: [PacketFence-users] Revoking multiple PK-PKI certificates at a time From: "Zammit, Ludovic via PacketFence-users" <packetfence-users () lists ! sourceforge ! net Date: 2024-04-19 14:40:59 Message-ID: A4640FE0-2699-45FA-ABC9-DEFE9F0F6D6E () akamai ! com [Download RAW message or body] [Attachment #2 (multipart/alternative)] Hello Will, If you are NOT using OCSP, you can just remove the certificate using MySQL command \ within PF database. If you are using OCSP you will need to provide the certificate ID in any way. How many certs are we talking about? Thanks, Ludovic Zammit Product Support Engineer Principal Lead Cell: +1.613.670.8432 Akamai Technologies - Inverse 145 Broadway Cambridge, MA 02142 Connect with Us: <https://community.akamai.com/> <http://blogs.akamai.com/> \ <https://twitter.com/akamai> <http://www.facebook.com/AkamaiTechnologies> \ <http://www.linkedin.com/company/akamai-technologies> \ <http://www.youtube.com/user/akamaitechnologies?feature=results_main> > On Apr 18, 2024, at 11:49 AM, Will Nygard via PacketFence-users \ > <packetfence-users@lists.sourceforge.net> wrote: > Hi all, > > Does anyone know a way to revoke multiple PK-PKI certificates at once? I looked \ > around on the web and was unable to find a way to do this. So far, revoking one at \ > a time through the web console is working for me, as I'm just starting to implement \ > EAP-TLS, but once I scale up it would be very time consuming to revoke all at once. \ > > The reason I need to revoke certificates en masse is to deal with an issue with \ > Jamf Pro SCEP integration, which I saw another user dealing with in this email. \ > https://urldefense.com/v3/__https://www.mail-archive.com/packetfence-users@lists.sou \ > rceforge.net/msg22151.html__;!!GjvTz_vk!RubQGmSHcWc82ONTU4JJxg3X558b_FcjeE1ETYiv47HZCn2Lv1dqFY3YCz2h4HPLTfRNsFHkX2Gh1bWmhkx6MNHbbaGoC3yjFhEXBg$ \ > > Any ideas? > > Thanks, > Will N > Systems and Network Administrator > > > _______________________________________________ > PacketFence-users mailing list > PacketFence-users@lists.sourceforge.net > https://urldefense.com/v3/__https://lists.sourceforge.net/lists/listinfo/packetfence \ > -users__;!!GjvTz_vk!RubQGmSHcWc82ONTU4JJxg3X558b_FcjeE1ETYiv47HZCn2Lv1dqFY3YCz2h4HPLTfRNsFHkX2Gh1bWmhkx6MNHbbaGoC3z86Kdf0A$ > [Attachment #5 (unknown)] <html><head><meta http-equiv="content-type" content="text/html; \ charset=utf-8"></head><body style="overflow-wrap: break-word; -webkit-nbsp-mode: \ space; line-break: after-white-space;">Hello Will,<div><br></div><div>If you are NOT \ using OCSP, you can just remove the certificate using MySQL command within PF \ database.</div><div><br></div><div>If you are using OCSP you will need to provide the \ certificate ID in any way.</div><div><br></div><div>How many certs are we talking \ about?<br id="lineBreakAtBeginningOfMessage"><div> <br> Thanks,<br> <br> <table cellspacing="0" cellpadding="0" width="360" border="0" align=""> <tbody><tr> <td colspan="3" valign="bottom" height="10" style="color:#0099cc; \ padding-left:0px; padding-bottom:6px; font-family:Arial, Helvetica, \ sans-serif;font-size:14px;"><strong>Ludovic Zammit</strong><br> <span \ style="color:#666666; font-size:12px;"><strong>Product Support Engineer Principal \ Lead</strong></span></td> </tr> <tr> <td colspan="3" valign="bottom" style="padding-bottom:6px;"><img \ src="https://www.akamai.com/us/en/multimedia/images/custom/2019/logo-no-tag-93x45.png"></td> </tr> <tr> <td style="line-height: 2px; border-bottom: 1px solid #8f9194;" colspan="2" \ valign="top"></td> </tr> <tr> <td height="5" valign="top" style="padding-top:6px;"><font \ face="verdana,arial,geneva,helvetica,sans-serif" color="#333333" \ size="1"><strong>Cell:</strong> +1.613.670.8432<br></font></td> <td height="5" \ style="padding-top:6px;"><font face="verdana,arial,geneva,helvetica,sans-serif" \ color="#333333" size="1">Akamai Technologies - Inverse<br>145 Broadway<br>Cambridge, \ MA 02142<br></font></td> </tr> <tr> <td height="7" bgcolor="#ffffff" colspan="2" valign="top"></td> </tr> <tr> <td width="148" height="5" valign="middle" style="padding-left:0px; padding-top: \ 10px;font-family:Arial, Helvetica, sans-serif;color:#666666;">Connect with Us:</td> \ <td style="padding-left:1px; padding-top: 10px;" width="222" height="5"> <a \ href="https://community.akamai.com" target="_blank"><img \ src="https://www.akamai.com/us/en/multimedia/images/custom/community.jpg" border="0" \ style="margin: 0 1px;"></a> <a href="http://blogs.akamai.com" target="_blank"><img \ src="https://www.akamai.com/us/en/multimedia/images/custom/rss.png" border="0" \ style="margin: 0 1px;"></a> <a href="https://twitter.com/akamai" \ target="_blank"><img \ src="https://www.akamai.com/us/en/multimedia/images/custom/twitter.png" border="0" \ style="margin: 0 1px;"></a> <a href="http://www.facebook.com/AkamaiTechnologies" \ target="_blank"><img \ src="https://www.akamai.com/us/en/multimedia/images/custom/fb.png" border="0" \ style="margin: 0 1px;"></a> <a \ href="http://www.linkedin.com/company/akamai-technologies" target="_blank"><img \ src="https://www.akamai.com/us/en/multimedia/images/custom/in.png" border="0" \ style="margin: 0 1px;"></a> <a \ href="http://www.youtube.com/user/akamaitechnologies?feature=results_main" \ target="_blank"><img \ src="https://www.akamai.com/us/en/multimedia/images/custom/youtube.png" border="0" \ style="margin: 0 1px;"></a> </td> </tr> </tbody></table> </div> <div><br><blockquote type="cite"><div>On Apr 18, 2024, at 11:49 AM, Will Nygard via \ PacketFence-users <packetfence-users@lists.sourceforge.net> wrote:</div><br \ class="Apple-interchange-newline"><div><div>Hi all,<br><br>Does anyone know a way to \ revoke multiple PK-PKI certificates at once? I looked around on the web and was \ unable to find a way to do this. So far, revoking one at a time through the web \ console is working for me, as I'm just starting to implement EAP-TLS, but once I \ scale up it would be very time consuming to revoke all at once. <br><br>The reason I \ need to revoke certificates en masse is to deal with an issue with Jamf Pro SCEP \ integration, which I saw another user dealing with in this email. \ https://urldefense.com/v3/__https://www.mail-archive.com/packetfence-users@lists.sourc \ eforge.net/msg22151.html__;!!GjvTz_vk!RubQGmSHcWc82ONTU4JJxg3X558b_FcjeE1ETYiv47HZCn2Lv1dqFY3YCz2h4HPLTfRNsFHkX2Gh1bWmhkx6MNHbbaGoC3yjFhEXBg$ \ <br><br>Any ideas?<br><br>Thanks,<br>Will N<br>Systems and Network \ Administrator<br><br><br>_______________________________________________<br>PacketFence-users \ mailing list<br>PacketFence-users@lists.sourceforge.net<br>https://urldefense.com/v3/_ \ _https://lists.sourceforge.net/lists/listinfo/packetfence-users__;!!GjvTz_vk!RubQGmSHc \ Wc82ONTU4JJxg3X558b_FcjeE1ETYiv47HZCn2Lv1dqFY3YCz2h4HPLTfRNsFHkX2Gh1bWmhkx6MNHbbaGoC3z86Kdf0A$ \ <br></div></div></blockquote></div><br></div></body></html> ["smime.p7s" (smime.p7s)] 0 *H 010 `He 0 *H 0f0 >