02-26-2016 11:29 AM
I'm looking for a way to bulk revoke certificates in ClearPass.
I know it is possible to automatically revoke onboarded certificates that havent been used in x days, but I'm looking to do this with certificates which have been created via SCEP.
What I'd like to do is remove all of username x's certificates and all certificates before y date.
For example, revoke all of peter's certificates created before 1/1/2016.
Automatically revoking SCEP certificates that havent been used in X days would be a huge win as well.
03-01-2016 08:08 AM
Anyone have a way to do this that's not "scraping the website"?
It seems that SCEP requests get added to the CP Database as individual devices like "anonymous:14269" which makes it impossible to easily identify these.
This becomes really difficult when a slightly overzealous SCEP profile deploy suddenly cuts a couple of thousand redundant certificates :)