16.2. Testing CMC Revocation

Test that CMC revocation is working properly by doing the following:

  1. Create a CMC revocation request for an existing certificate. For example, if the directory containing the agent certificate is /var/lib/rhpki-ca/alias/, the nickname of the certificate is CertificateManagerAgentCert, and the serial number of the certificate is 22, the command is as follows:

    CMCRevoke -d "/var/lib/rhpki-ca/alias" -n "CertificateManagerAgentCert" -i "cn=agentAuthMgr" -s 22 -m 0 -c "test comment"
    
  2. Open the CA's end-entities page.

  3. Select the Revocation tab.

  4. Select the CMC Revoke link in the menu.

  5. Paste the output from the CMCRevoke operation into the text box. Remove the -----BEGIN NEW CERTIFICATE REQUEST----- and -----END NEW CERTIFICATE REQUEST----- lines from the pasted content.

  6. Click Submit.

  7. The results page displays that certificate 22 has been revoked.
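
The clean-up in step 5 can be scripted before pasting. The following is an added example, not part of the original documentation: the function names and the file argument are hypothetical, and it assumes the CMCRevoke output has been saved to a file and that a valid request body is base64-encoded DER (which begins with the SEQUENCE tag 0x30).

```shell
#!/bin/sh
# strip_cmc_armor FILE
# Print the request body with the BEGIN/END lines, carriage returns and
# blank lines removed, ready to paste into the CMC Revoke form.
strip_cmc_armor() {
    tr -d '\r' < "$1" |
        grep -v -E '^-+(BEGIN|END) NEW CERTIFICATE REQUEST-+[[:space:]]*$' |
        grep -v '^[[:space:]]*$'
}

# check_cmc_body FILE
# Return 0 only if the stripped body is non-empty, contains no leftover
# armor, decodes as base64, and the decoded data starts with 0x30.
check_cmc_body() {
    cmc_body=$(strip_cmc_armor "$1") || return 1
    [ -n "$cmc_body" ] || return 1
    case "$cmc_body" in
        *-----*) return 1 ;;   # an armor line survived stripping
    esac
    # Reject anything that is not clean base64 before inspecting bytes.
    printf '%s\n' "$cmc_body" | base64 -d >/dev/null 2>&1 || return 1
    cmc_first=$(printf '%s\n' "$cmc_body" | base64 -d 2>/dev/null |
        od -An -tx1 -N1 | tr -d ' \n')
    [ "$cmc_first" = "30" ]
}

# Constructed sample, not a real CMC request: the DER bytes 30 03 02 01 16
# in base64, wrapped in the same BEGIN/END lines the procedure mentions.
cmc_sample=$(mktemp)
printf '%s\n' \
    '-----BEGIN NEW CERTIFICATE REQUEST-----' \
    'MAMCARY=' \
    '-----END NEW CERTIFICATE REQUEST-----' > "$cmc_sample"

if check_cmc_body "$cmc_sample"; then
    strip_cmc_armor "$cmc_sample"     # text to paste in step 5
else
    echo "request body failed validation; do not submit" >&2
fi
rm -f "$cmc_sample"
```
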