Revocations.db and multiple storagenodes on the same server

What is the revocations.db good for? Is this documented somewhere? I tried to search in the forum and on Google with no success.

What happens when you create and sign a new identity on the same server? Will the existing revocations.db be overwritten or is the new info added to it?

What happens when I create and sign the identity on a different PC and move it to the server? What am I supposed to do with the new and different revocations.db?

The identity program is a Certificate Authority (CA) management program for X509 certificates. It is possible to revoke an identity certificate using the certificate-authority revoke command.

Typically one would not do this sort of thing. And, for those watching, please do not attempt it at home…

The revocations.db is probably, I can’t be absolutely sure because it’s not my program, a Certificate Revocation List (CRL). And is probably used in the same way as any other typical CA CRL is used…

CRL use in Internet PKI.

1 Like