Revoke a client certificate
If you detect suspicious activity on a registered client certificate, you can revoke it so that it can't be used again.
Note
Once a certificate is revoked, its status can't be changed. That is, the certificate status can't be changed to Active or any other status.
Revoke a client certificate (console)
To revoke a client certificate using the Amazon IoT console
- Sign in to the Amazon Management Console and open the Amazon IoT console.
- In the left navigation pane, choose Secure, and then choose Certificates.
- In the list of certificates, locate the certificate that you want to revoke, and open the option menu by using the ellipsis icon.
- In the option menu, choose Revoke.
If the certificate was successfully revoked, it will show as Revoked in the list of certificates.
Revoke a client certificate (CLI)
The Amazon CLI provides the update-certificate
aws iot update-certificate \
    --certificate-id certificateId \
    --new-status REVOKED
If the command was successful, the certificate's status will be REVOKED.
Run describe-certificate
aws iot describe-certificate \
    --certificate-id certificateId
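The update-certificate and describe-certificate calls above combined into one check-revoke-verify step, as an added example that is not part of the AWS documentation. The function names are hypothetical, and the 64-hex-character ID check is an assumption about the certificate ID format.

```shell
#!/bin/sh
# Added example (not AWS-provided code): revoke an AWS IoT client certificate
# and confirm the result. Revocation is permanent, so check before acting.

cert_status() {
    # Prints the certificate's current status, e.g. ACTIVE or REVOKED.
    aws iot describe-certificate \
        --certificate-id "$1" \
        --query 'certificateDescription.status' \
        --output text
}

revoke_certificate() {
    local cert_id="$1" before after

    # Assumption: certificate IDs are 64 hexadecimal characters.
    if ! printf '%s' "$cert_id" | grep -Eq '^[0-9a-fA-F]{64}$'; then
        echo "error: '$cert_id' does not look like a certificate ID" >&2
        return 2
    fi

    # Skip the update if the certificate is already revoked.
    before=$(cert_status "$cert_id") || return 1
    if [ "$before" = "REVOKED" ]; then
        echo "$cert_id already REVOKED; nothing to do"
        return 0
    fi

    aws iot update-certificate \
        --certificate-id "$cert_id" \
        --new-status REVOKED || return 1

    # Read the status back rather than trusting the exit code alone.
    after=$(cert_status "$cert_id") || return 1
    if [ "$after" != "REVOKED" ]; then
        echo "error: status is $after after update, expected REVOKED" >&2
        return 1
    fi
    echo "$cert_id: $before -> REVOKED"
}
```

Call it as `revoke_certificate certificateId`; a non-zero return means the certificate was not confirmed as REVOKED.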