证书服务（四）注销证书

创建注销列表
echo 01 > /etc/pki/CA/crlnumber

获取证书编号：
openssl x509 -in test.crt -noout -serial -subject

注销证书
openssl ca -cert rootCA.crt \
-keyfile rootCA.key \
-revoke /etc/pki/CA/newcerts/03.pem

更新证书注销列表
openssl ca -cert rootCA.crt \
-keyfile rootCA.key \
-gencrl -out /etc/pki/CA/crl/crl.pem