Introduction

Features

The Certificate Autorevocation Service is the complement of the Microsoft Certificate Autoenrollment Service. The Certificate Autoenrollment Service of Microsoft enrolls automatically certificates to objects in the Active Directory. Nevertheless, if the objects are removed from the Active Directory, the certificate will stay valid until they expire. The keyon / Certificate Autorevocation Service revokes periodically all these certificates, which have no corresponding Objects in the Active Directory anymore. The Certificate Autorevocation Service verifies which certificates have no associated AD Object and revokes them. In addition the Certificate Autorevocation Service can be configured to revoke duplicate certificates.

Technical Details

The Certificate Autorevocation Service is executed as Windows Service.