• Documentation
  • Revoke Certificate

Revoke Certificate

Revoke the certificate bound to a device.

Operation Permissions

Required Authorization Required Operation Permission
Device Management Full Access

Request Format

POST http://{apigw-address}/connect-service/v2.0/certificates?action=revoke

Request Parameters (URI)

Note

One of the following options must be included in a request to specify a device.

  • assetId
  • productKey + deviceKey
Request Parameters(URI)
Name Location (Path/Query) Required or Not Data Type Description
orgId Query True String OU ID
assetId Query False String Asset ID
productKey Query False String Product key of the device
deviceKey Query False String Device key of the device
certSn Query True Int The number of the certificate to be revoked
reason Query False RevokeReason
RevokeReason is an enum whose default value is 0 UNSPECIFIED . The enum values are as follows:
  • 0 UNSPECIFIED:The reason why the certificate is revoked is unknown.
  • 1 KEY_COMPROMISE:The private key of the certificate owner has been compromised.
  • 3 AFFILIATION_CHANGED:The certificate owner’s name or information has been changed.
  • 4 SUPERSEDED:The certificate has been replaced.
  • 5 CESSATION_OF_OPERATION:The certificate is no longer needed.
  • 6 CERTIFICATE_HOLD:The certificate has been suspended.
  • 9 PRIVILEGE_WITHDRAWN:The certificate issuing entity has been cancelled access. The CA becomes invalid or the certificate is unreliable.

Response Parameters

Response Parameters (Body)
Name Required or Not Description
data null  

Samples

Java SDK Sample

package com.envisioniot.enos.api.sample.connect_service.cert;

import com.envision.apim.poseidon.config.PConfig;
import com.envision.apim.poseidon.core.Poseidon;
import com.envisioniot.enos.connect_service.v2_1.cert.RevokeCertificateRequest;
import com.envisioniot.enos.connect_service.v2_1.cert.RevokeCertificatesResponse;
import com.envisioniot.enos.connect_service.v2_1.cert.RevokeReason;
import com.envisioniot.enos.connect_service.vo.DeviceIdentifier;

public class RevorkCert {
    public static void main(String[] args) {
        String appKey = "e36cc693-3a07-456e6cafcbc2-9314-4ff6";
        String appSecret = "6cafcbc2-9314-4ff6-9450-861d4344a431";
        String serverUrl = "http://apim-apigw-proxy.alpha-k8s-cn4.eniot.io";

        String orgId = "o15444172373271";
        Integer certSn = 2661;
        RevokeCertificateRequest request = new RevokeCertificateRequest();
        DeviceIdentifier identifier = new DeviceIdentifier();
        identifier.setProductKey("ymcDiAHd");
        identifier.setAssetId("KloXinjW");
        identifier.setDeviceKey("TT6MyEFaO7");
        request.setDevice(identifier);
        request.setCertSn(certSn);
        request.setOrgId(orgId);
        request.setReason(RevokeReason.UNSPECIFIED);
        RevokeCertificatesResponse certRsp = Poseidon.config(PConfig.init().appKey(appKey).appSecret(appSecret).debug())
                .url(serverUrl)
                .getResponse(request, RevokeCertificatesResponse.class);
        if (certRsp.success()) {
            System.out.println("revoke is success!");
        }
    }

}

Error Code

Error Code
Error Code Type Description
99400
  • The specified validity period exceeds the maximum certificate validity period of the product to which this device belongs.
  • Exceeded the remaining valid days of the CA root certificate! The valid day cannot be greater than x day!
  • Error info:message: (message content), detail message: (detailed message content)
  • The old certificate serial number is a mandatory field
  • The serial number of the incoming old certificate is illegal (less than 0)
  • The certificate list bound to the device does not have the certificate, or the certificate is bound to other devices.
  • The old certificate has been revoked and cannot be updated.
  • The old certificate has exbeen pired and cannot be updated.
  • device identifier is invalid
  • orgId is null
  • The validity period specified is longer than the maximum validity period of the product that this device belongs to
  • The validity period specified is longer than the remaining CA root certificate’s validity period. The validity period cannot exceed x days. (x representing the remaining CA root certificate validity period.)
  • Parameter error. Detailed cause will be given in message or detailed message .
  • The number of the original certificate is required.
  • The number of the original certificate in the request is invalid (less than 0).
  • The device has no certificate bound, or the certificate has been bound to another device.
  • The original certificate has been revoked, or cannot be updated or revoked.
  • The original certificate has expired, or cannot be updated or revoked.
  • Neither assetId nor productKey + deviceKey is included in the request.
  • orgId is not included in the request.
11404 device can not be found No device can be specified by assetId or productKey + deviceKey.
99500
  • hub service internal error!
  • certificate service err info:code: x, message: y, detail message: z
  • certificate service internal error!
  • Internal service error
  • Internal CA service error. Detailed causes are given in message or detail message .
  • Internal certificate error