Re-registering a revoked client

The client revoke procedure removes a client from the console and updates a client certificate revocation list.

Clients can automatically get a new certificate if they can connect to any non authenticating relay.

If such a relay is unavailable you must complete the following manual cleanup to register the client again:

  1. Stop the client.
  2. Delete the KeyStorage client directory and the client computer ID.
  3. Complete the manual key exchange procedure.
  4. Start the client.

At the end of this procedure the client gets a fresh certificate and a new client computer ID.

Note: If you must revoke the certificate of a SuSe client, connected to an authenticating relay but blocked from the root server, ensure that, before running the manual registration with the password, you copy the following entries in the besclient.conf file:
Settings\Client\__Relay_Control_Server
Settings\Client\__RelayServer1
The manual registration, in fact, deletes automatically these entries in the configuration file and does not create them again, so you must add them manually, after the registration completes, to let the client communicate again with its authenticating relay.