Revoke Certificate exception

Dec 23, 2011 at 11:51 AM
Edited Dec 23, 2011 at 11:53 AM

Hi I have some issues with the revoke certificate:

PS C:\Windows\system32> Get-CertificationAuthority -Name "CA Name" | Get-IssuedRequest -RequestID 123
| Revoke-Certificate
WARNING: Unable to revoke the certificate with serial number '04e1b19ba00000000007b'
Exception calling "RevokeCertificate" with "4" argument(s): "CCertAdmin::RevokeCertificate: The parameter is incorrect.
0x80070057 (WIN32: 87)"
At C:\Windows\system32\WindowsPowerShell\v1.0\Modules\PKI\Revoke-Certificate.ps1:22 char:32
+ $CertAdmin.RevokeCertificate <<<< ($Request.ConfigString,$Request.SerialNumber,$Reasons[$Reason],$Revocat
ionDate)
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : ComMethodTargetInvocation

I have no problem executing "Get-CertificationAuthority -Name "CA Name" | Get-IssuedRequest -RequestID 123" I a successfull return, but when i try to revoke i get this message.

 

Best regards

 

Henriik

Coordinator
Dec 23, 2011 at 3:09 PM

I can confirm this issue. Unfortunately, I have included incorrect version of Revoke-Certificate command. In next few days I'll publish 1.0 version where this issue is fixed.

As a workaround, you can edit 'C:\Windows\system32\WindowsPowerShell\v1.0\Modules\PKI\Revoke-Certificate.ps1' file and remove exclamation mark in the following line: 'if (!($Request.SerialNumber.Length % 2)) {$Request.Serialnumber = "0" + $Request.Serialnumber}'. Note, if you edit files, a file signature will fail and the module may not work correctly (depending on security settings).

Dec 23, 2011 at 3:32 PM

Hi Camelot

Great I will try it later with the workaround.

Thanks and merry Christmas

Henrik

Fra: Camelot [email removed]
Sendt: 23. december 2011 13:10
Til: henrik@tlink.dk
Emne: Re: Revoke Certificate exception [pspki:284007]

From: Camelot

I can confirm this issue. Unfortunately, I have included incorrect version of Revoke-Certificate command. In next few days I'll publish 1.0 version where this issue is fixed.

As a workaround, you can edit 'C:\Windows\system32\WindowsPowerShell\v1.0\Modules\PKI\Revoke-Certificate.ps1' file and remove exclamation mark in the following line: 'if (!($Request.SerialNumber.Length % 2)) {$Request.Serialnumber = "0" + $Request.Serialnumber}'. Note, if you edit files, a file signature will fail and the module may not work correctly (depending on security settings).

Coordinator
Jan 4, 2012 at 7:33 PM
This discussion has been copied to a work item. Click here to go to the work item and continue the discussion.
Coordinator
Jan 5, 2012 at 8:08 PM

I want to inform you that a new version is available: http://pspki.codeplex.com/releases/view/79921 with correct version of Revoke-Certificate command version.

Jan 5, 2012 at 11:26 PM

Great, thanks.

Henrik

Fra: Camelot [email removed]
Sendt: 5. januar 2012 18:08
Til: henrik@tlink.dk
Emne: Re: Revoke Certificate exception [pspki:284007]

From: Camelot

I want to inform you that a new version is available: http://pspki.codeplex.com/releases/view/79921 with correct version of Revoke-Certificate command version.