# GPG Configuration on Windows for Secure Mail [[Prev|gpg3]] | *step 4 of 5* | [[Next|gpg5]] ## Generate a revocation certificate 1. You do not strictly need a revocation certificate, but now is the most convenient time to create it. * If for some reason your computer is lost or stolen you will be able revoke your key. 1. In the command window create a revocation certificate: * Type **gpg --gen-revoke --output 1C9771DB.revoke.asc 1C9771DB** (*with your hexidecimal Key ID , of course*) * Choose reason 1, Key has been compromised (if you maintain control of your key you can always issue a revocation certificate with another reason) * Make a note to save and print this certificate 1. Proceed to the [[Next|gpg5]] step [[!img gpg4.png align=left]]