Revoke with newly-registered account (v2 API)


I am using the v2 API and want to understand the options to revoke a certificate with a newly-registered account.

Here is the complete use case:
I register account-1
I issue certificate-1
I deactivate account-1
I register account-2
I want to revoke certificate-1 with account-2 => what options do I have here?

I could make this work via v1 since the new-authz endpoint allows the authorisation for newly-registered accounts.


To perform the same process in ACME v2, you create a new order, perform the authorizations, but don’t finalize the order. This avoids creating a new certificate but entitles the account the revoke the previous certificate.

Then you can use the account to revoke the certificate.

I wrote a web-based tool that does this because I couldn’t find any ACME clients (at the time) that made this simple to do (or ones that support revocation based on the certificate private key).


Thanks for the suggested solution - I see no reason why this wouldn’t work for me as well.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.