diff --git a/lib/cli/caremovecommand.cpp b/lib/cli/caremovecommand.cpp
index ab6e0f811..a174d9e57 100644
--- a/lib/cli/caremovecommand.cpp
+++ b/lib/cli/caremovecommand.cpp
@@ -61,7 +61,7 @@ int CARemoveCommand::Run(const boost::program_options::variables_map& vm, const
 			<< "No request exists for fingerprint '" << ap[0] << "'.";
 		return 1;
 	}
-
+	Utility::SaveJsonFile(ApiListener::GetCertificateRequestsDir() + "/" + ap[0] + ".removed", 700, Utility::LoadJsonFile(requestFile));
 	if(remove(requestFile.CStr()) != 0)
 		return 1;
 
diff --git a/lib/remote/jsonrpcconnection-pki.cpp b/lib/remote/jsonrpcconnection-pki.cpp
index 9b537d138..27a21a6b3 100644
--- a/lib/remote/jsonrpcconnection-pki.cpp
+++ b/lib/remote/jsonrpcconnection-pki.cpp
@@ -129,6 +129,12 @@ Value RequestCertificateHandler(const MessageOrigin::Ptr& origin, const Dictiona
 
 			return result;
 		}
+	} else if (Utility::PathExists(requestDir + "/" + certFingerprint + ".removed")) {
+		Log(LogInformation, "JsonRpcConnection")
+			<< "Certificate for CN " << cn << " has been removed. Ignoring signing request.";
+		result->Set("status_code", 1);
+		result->Set("error", "Ticket for CN " + cn + " declined by administrator.");
+		return result;
 	}
 
 	std::shared_ptr<X509> newcert;