When should I revoke my certificate? How do I do it?

A key owner must revoke their certificate if they know or suspect that their private key has been compromised— meaning that it could be used to create unauthorized digital signatures.

With SIGNiX’s products, certificates and private keys are managed automatically in our system. The private keys are stored in an encrypted format within our secured system. An end-user does not normally need to revoke keys within this system. Nevertheless, if a user with a digital identity wants to ensure that the certificate associated with the account has been revoked, they should perform the account recovery procedure on their digital identity account. Recovering signing credentials will revoke the subscriber’s existing certificate and will issue a new certificate with a new key pair.

Users with a digital identity authorize use of their private key using their signing credentials. Users are responsible for maintaining the secrecy of their signing credentials. If a user knows or suspects that their signing credentials have been compromised, they must immediately change their signing credentials or notify SIGNiX’s customer support team.