Access the OpenXPKI server.
From a web browser, type http://ipaddress/openxpki/.
Log in as Operator. The default password is openxpki.
Note: The Operator login has two preconfigured operator accounts, raop and raop2.
Click Workflow Search > Search now.
Click a certificate to revoke, and then click the certificate link.
From the Action section, click revocation request.
Type the appropriate values, and then click Continue > Submit request.
On the next page, approve the request. The certificate revocation is waiting for the next CRL publish.
From the PKI Operation section, click Issue a certificate revocation list (CRL).
Click Enforce creation of revocation lists > Continue.
From the PKI Operation section, click Publish CA/CRL.
Click Workflow Search > Search now.
Click the revoked certificate with a certificate_revocation_request_v2 type.
Click Force wake up.
In the new CRL, you can find the serial number and the revocation reason of the revoked certificate.