Revoke Certificate

Revoke the certificate bound to a device.

Operation Permissions

Required Authorization

Required Operation Permission

Device Management

Full Access

Request Format

POST http://{apigw-address}/connect-service/v2.0/certificates?action=revoke

Request Parameters (URI)

Note

One of the following options must be included in a request to specify a device.

  • assetId

  • productKey + deviceKey

Request Parameters(URI)

Name

Location (Path/Query)

Required or Not

Data Type

Description

orgId

Query

True

String

OU ID

assetId

Query

False

String

Asset ID

productKey

Query

False

String

Product key of the device

deviceKey

Query

False

String

Device key of the device

certSn

Query

True

Int

The number of the certificate to be revoked

reason

Query

False

RevokeReason

RevokeReason is an enum whose default value is 0 UNSPECIFIED . The enum values are as follows:

  • 0 UNSPECIFIED:The reason why the certificate is revoked is unknown.

  • 1 KEY_COMPROMISE:The private key of the certificate owner has been compromised.

  • 3 AFFILIATION_CHANGED:The certificate owner’s name or information has been changed.

  • 4 SUPERSEDED:The certificate has been replaced.

  • 5 CESSATION_OF_OPERATION:The certificate is no longer needed.

  • 6 CERTIFICATE_HOLD:The certificate has been suspended.

  • 9 PRIVILEGE_WITHDRAWN:The certificate issuing entity has been cancelled access. The CA becomes invalid or the certificate is unreliable.

Response Parameters

Response Parameters (Body)

Name

Required or Not

Description

data

null

Samples

Java SDK Sample

package com.envisioniot.enos.api.sample.connect_service.cert;

import com.envision.apim.poseidon.config.PConfig;
import com.envision.apim.poseidon.core.Poseidon;
import com.envisioniot.enos.connect_service.v2_1.cert.RevokeCertificateRequest;
import com.envisioniot.enos.connect_service.v2_1.cert.RevokeCertificatesResponse;
import com.envisioniot.enos.connect_service.v2_1.cert.RevokeReason;
import com.envisioniot.enos.connect_service.vo.DeviceIdentifier;

public class RevorkCert {
    public static void main(String[] args) {
        String appKey = "e36cc693-3a07-456e6cafcbc2-9314-4ff6";
        String appSecret = "6cafcbc2-9314-4ff6-9450-861d4344a431";
        String serverUrl = "http://apim-apigw-proxy.alpha-k8s-cn4.eniot.io";

        String orgId = "o15444172373271";
        Integer certSn = 2661;
        RevokeCertificateRequest request = new RevokeCertificateRequest();
        DeviceIdentifier identifier = new DeviceIdentifier();
        identifier.setProductKey("ymcDiAHd");
        identifier.setAssetId("KloXinjW");
        identifier.setDeviceKey("TT6MyEFaO7");
        request.setDevice(identifier);
        request.setCertSn(certSn);
        request.setOrgId(orgId);
        request.setReason(RevokeReason.UNSPECIFIED);
        RevokeCertificatesResponse certRsp = Poseidon.config(PConfig.init().appKey(appKey).appSecret(appSecret).debug())
                .url(serverUrl)
                .getResponse(request, RevokeCertificatesResponse.class);
        if (certRsp.success()) {
            System.out.println("revoke is success!");
        }
    }

}

Error Code

Error Code

Error Code

Type

Description

99400

  • The specified validity period exceeds the maximum certificate validity period of the product to which this device belongs.

  • Exceeded the remaining valid days of the CA root certificate! The valid day cannot be greater than x day!

  • Error info:message: (message content), detail message: (detailed message content)

  • The old certificate serial number is a mandatory field

  • The serial number of the incoming old certificate is illegal (less than 0)

  • The certificate list bound to the device does not have the certificate, or the certificate is bound to other devices.

  • The old certificate has been revoked and cannot be updated.

  • The old certificate has exbeen pired and cannot be updated.

  • device identifier is invalid

  • orgId is null

  • The validity period specified is longer than the maximum validity period of the product that this device belongs to

  • The validity period specified is longer than the remaining CA root certificate’s validity period. The validity period cannot exceed x days. (x representing the remaining CA root certificate validity period.)

  • Parameter error. Detailed cause will be given in message or detailed message .

  • The number of the original certificate is required.

  • The number of the original certificate in the request is invalid (less than 0).

  • The device has no certificate bound, or the certificate has been bound to another device.

  • The original certificate has been revoked, or cannot be updated or revoked.

  • The original certificate has expired, or cannot be updated or revoked.

  • Neither assetId nor productKey + deviceKey is included in the request.

  • orgId is not included in the request.

11404

device can not be found

No device can be specified by assetId or productKey + deviceKey.

99500

  • hub service internal error!

  • certificate service err info:code: x, message: y, detail message: z

  • certificate service internal error!

  • Internal service error

  • Internal CA service error. Detailed causes are given in message or detail message .

  • Internal certificate error