Revoking or removing a server certificate

If there are suspicions that a user on the Spotfire Server has signed unsafe items, it is possible to revoke the user's certificates, which renders signatures invalid. This prevents other users from making a trust decision based on false premises. As an administrator, you have the option to revoke a specific certificate for a user or for all certificates from that user, from a certain point in time, using the command revoke-code-signing-certificate. Previously imported root certificates, issued by a certificate authority (CA), can instead be removed using the command remove-code-signing-root-certificate.

About this task

When a certificate has been revoked, any signature made on items (after the specified time) will be considered invalid.

By default, only valid signatures can be trusted. If required (in special cases), it is possible to relax this limitation by changing a preference in Administration Manager (Application > Trust > Require valid signature to allow trust).

Before you begin

For instructions on using commands, see Executing commands on the command line.

Procedure

Open a command prompt as an administrator.
On the command line, enter config (config.shon Linux) followed by the revoke-code-signing-certificate command and any required parameters:
```
config revoke-code-signing-certificate --start-date=2020-12-31 --username=jdoe
```

Results

The signatures will no longer be valid.

See also Trusting custom content in the Spotfire environment and remove-code-signing-root-certificate.

JavaScript must be enabled in order to use this site.Please enable JavaScript in your browser and refresh the page.

Revoking or removing a server certificate

If there are suspicions that a user on the Spotfire Server has signed unsafe items, it is possible to revoke the user's certificates, which renders signatures invalid. This prevents other users from making a trust decision based on false premises. As an administrator, you have the option to revoke a specific certificate for a user or for all certificates from that user, from a certain point in time, using the command revoke-code-signing-certificate. Previously imported root certificates, issued by a certificate authority (CA), can instead be removed using the command remove-code-signing-root-certificate.

About this task

When a certificate has been revoked, any signature made on items (after the specified time) will be considered invalid.

By default, only valid signatures can be trusted. If required (in special cases), it is possible to relax this limitation by changing a preference in Administration Manager (Application > Trust > Require valid signature to allow trust).

Before you begin

For instructions on using commands, see Executing commands on the command line.

Procedure

Open a command prompt as an administrator.
On the command line, enter config (config.shon Linux) followed by the revoke-code-signing-certificate command and any required parameters:
```
config revoke-code-signing-certificate --start-date=2020-12-31 --username=jdoe
```

Results

The signatures will no longer be valid.

See also Trusting custom content in the Spotfire environment and remove-code-signing-root-certificate.