Request

Endpoint: !AutoRevokeSSL

https://secure.trust-provider.com/products/!AutoRevokeSSL

Use the POST method for this endpoint.

Submit parameters in the x-www-form-urlencoded format.

Request parameters

The following table lists the required, optional, and conditional parameters.

Parameter Requirement Type Max.Length Description

Parameter	Requirement	Type	Max.Length	Description
`loginName`	required	string	64 chars	Your account username. This value is case sensitive.
`loginPassword`	required	string	128 chars	Your account password. This value is case sensitive.
`orderNumber`	conditional	integer		The order number previously returned to your account. Either `orderNumber`, `certificateID` or `serialNumber` must be provided.
`certificateID`	conditional	integer	16 digits	The internal certificate ID of the SSL certificate to be revoked or rejected. It is the ID previously returned by `AutoApplySSL`, `AutoReplaceSSL`, or `WebHostReport`. Either `orderNumber`, `certificateID` or `serialNumber` must be provided.
`serialNumber`	conditional	string	34 digits	The serial number of the certificate to be revoke. The number needs to be in hexadecimal string representation. Either `orderNumber`, `certificateID` or `serialNumber` must be provided.
`revocationReason`	required	string	1024 chars	A comment describing the reason for revocation. This information is used for your reference only. No action will be taken by Sectigo based on this information. To maintain backwards compatibility with `v1.00` of this specification, `revocationReason` can be (but should not be) omitted. If omitted, error code `-23` will be returned instead of error code `-26` if the SSL Certificate is currently being issued. For more information, see Error codes.
`codeReason`	required	integer		Specifies the code for the revocation reason. The possible values are: `0` — Unspecified `1` — keyCompromise `3` — affiliationChanged `4` — Superseded `5` — cessationOfOperation If omitted, the value defaults to `0`. For more information, see CPS.
`test`	optional	char	1 char	Indicates whether the revocation is a test operation. The possible values are: `Y` — The certificate will not actually be revoked or rejected. `N` — The certification will be revoked. If omitted, the value defaults to `N`.
`responseFormat`	optional	char	1 chars	The possible values are: `0` — Newline-delimited parameters. `1` — URL-encoded parameters. If omitted, the value defaults to `0`.

loginName

required

string

64 chars

Your account username.

This value is case sensitive.

loginPassword

required

string

128 chars

Your account password.

This value is case sensitive.

orderNumber

conditional

integer

The order number previously returned to your account.

Either orderNumber, certificateID or serialNumber must be provided.

certificateID

conditional

integer

16 digits

The internal certificate ID of the SSL certificate to be revoked or rejected.

It is the ID previously returned by AutoApplySSL, AutoReplaceSSL, or WebHostReport.

Either orderNumber, certificateID or serialNumber must be provided.

serialNumber

conditional

string

34 digits

The serial number of the certificate to be revoke.

The number needs to be in hexadecimal string representation.

Either orderNumber, certificateID or serialNumber must be provided.

revocationReason

required

string

1024 chars

A comment describing the reason for revocation. This information is used for your reference only. No action will be taken by Sectigo based on this information.

To maintain backwards compatibility with v1.00 of this specification, revocationReason can be (but should not be) omitted.

If omitted, error code -23 will be returned instead of error code -26 if the SSL Certificate is currently being issued. For more information, see Error codes.

codeReason

required

integer

Specifies the code for the revocation reason.

The possible values are:

0 — Unspecified
1 — keyCompromise
3 — affiliationChanged
4 — Superseded
5 — cessationOfOperation

If omitted, the value defaults to 0.

For more information, see CPS.

test

optional

char

1 char

Indicates whether the revocation is a test operation.

The possible values are:

Y — The certificate will not actually be revoked or rejected.
N — The certification will be revoked.

If omitted, the value defaults to N.

responseFormat

optional

char

1 chars

The possible values are:

0 — Newline-delimited parameters.
1 — URL-encoded parameters.

If omitted, the value defaults to 0.

Sample request

curl --location 'https://secure.trust-provider.com/products/!AutoRevokeSSL' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'loginName=login_name' \
--data-urlencode 'loginPassword=login_password' \
--data-urlencode 'revocationReason=revocation_reason' \
--data-urlencode 'orderNumber=order_number' \
--data-urlencode 'codeReason=code_reason'

Response

The request is successful when the server returns a response with the status code 0.

Any errorCode less than 0 indicates an error condition.

The list of codes and their descriptions can be found in Error codes.

User can change response format by adding the responseFormat parameter to the request.

Response parameters

The response may contain the following parameters:

Parameter Response Format Description

Parameter	Response Format	Description
`responseFormat=0` (default)	text/plain	Success: First line contains status code `0`. Failure: First line contains the status code. Second line contains the status message.
`responseFormat=1`	`application/x-www-form-urlencoded`	Success: Response contains `errorCode=0`. Failure: Response contains `errorCode` and `errorMessage` fields.

responseFormat=0 (default)

text/plain

Success:

First line contains status code 0.

Failure:

First line contains the status code.
Second line contains the status message.

responseFormat=1

application/x-www-form-urlencoded

Success:

Response contains errorCode=0.

Failure:

Response contains errorCode and errorMessage fields.

Sample success response

Success response with the code 0.

`0`

Sample error response

-20
The Certificate has already been rejected!

Error codes

The following table outlines error responses returned by the AutoRevokeSSL API endpoint. Each error response consists of an errorCode and an errorMessage indicating why the request failed.

Error Code Error Message Description

Error Code	Error Message	Description
`-1`	`Request was not made over https!`	The request must use HTTPS protocol.
`-2`	`Unrecognised argument!`	The provided argument is not recognized.
`-3`	`The 'xxxx' argument is missing!`	The required argument is missing from the request.
`-4`	`The value of the xxxx' argument is invalid!`	The argument value does not meet validation requirements.
`-14`	`An unknown error occurred!`	An unknown error occurred.
`-16`	`Permission denied!`	The user does not have permission for the requested context.
`-17`	`Request used GET rather than POST!`	The request method should be `POST`.
`-20`	`The certificate request has been rejected!`	The requested certificate is in the rejected state.
`-21`	`The certificate has been revoked!`	The requested certificate is in the revoked state.
`-23`	`The certificate is currently being issued!`	The required certificate is in the process of being issued. To maintain backwards compatibility with v1.00 of this specification, when parameter `revocationReason` is omitted in the request, `-23` will be returned instead of `-26` if the SSL Certificate is currently being issued.
`-26`	`The certificate is currently being issued!`	The required certificate is in the process of being issued.

-1

Request was not made over https!

The request must use HTTPS protocol.

-2

Unrecognised argument!

The provided argument is not recognized.

-3

The 'xxxx' argument is missing!

The required argument is missing from the request.

-4

The value of the xxxx' argument is invalid!

The argument value does not meet validation requirements.

-14

An unknown error occurred!

An unknown error occurred.

-16

Permission denied!

The user does not have permission for the requested context.

-17

Request used GET rather than POST!

The request method should be POST.

-20

The certificate request has been rejected!

The requested certificate is in the rejected state.

-21

The certificate has been revoked!

The requested certificate is in the revoked state.

-23

The certificate is currently being issued!

The required certificate is in the process of being issued.

To maintain backwards compatibility with v1.00 of this specification, when parameter revocationReason is omitted in the request, -23 will be returned instead of -26 if the SSL Certificate is currently being issued.

-26

The certificate is currently being issued!

The required certificate is in the process of being issued.