Comodo SSL Certificate Revocation Procedure

Hi folks. This is my first post and I am content with Comodo products. Now I have purchased several certificates for my organization and one of the things I have had to do is revise my PKI policies to reflect this.

One of the issues I am facing is addressing certificate revocation procedures. I understand in the event I feel that there has been a compromise to the certificates, I need to send a revocation request to Comodo from the same email I used to request for the certificate. One flaw I see in this is that it doesn’t have a Maker-Checker process whereby in the even someone maliciously requests for a revocation, Comodo has no way of verifying if the request is legit. Or is this entirely left to the discretion of me, the customer?

Looking forward to your feedback




I was under the impression that you could sign into your account, locate the certificate order and revoke it directly… Could be wrong.

However, I do know that any changes requested to certificates must come from the original email address the certificate was issued to, or from one listed on the domain registration.