Endpoint: !autoRevokeCertificate

https://secure.trust-provider.com/products/!autoRevokeCertificate

The autoRevokeCertificate API endpoint allows you to revoke a certificate or cancel the order if the certificate has not yet been issued.

Use the POST method for this endpoint.

Submit parameters in the x-www-form-urlencoded format.

The following table lists the required and optional parameters.

Parameter Type Requirement Max. Length Description

loginName

string

required

64 chars

Your account username.

This value is case sensitive.

loginPassword

string

required

128 chars

Your account password.

This value is case sensitive.

orderNumber

integer

required

The order number of the account.

accountID

integer

optional

Your account ID number.

revocationReason

string

optional

1024 chars

A comment describing the reason for revocation. This information is for your reference only and does not affect processing by Sectigo.

codeReason

integer

required

The code of the reason for revocation.

The possible values are:

  • 0 = Unspecified (default)

  • 1 = keyCompromise

  • 3 = affiliationChanged

  • 4 = Superseded

  • 5 = cessationOfOperation

If omitted, codeReason defaults to 0. For more information, see CPS.

productCode

char

optional

50 chars

Determines the certificate to be revoked.

product

integer

optional

The product code for the certificate to be revoked.

test

char

optional

1 char

Indicates whether the revocation is a test operation. If omitted, test defaults to N.

This value is case sensitive.

responseFormat

integer

optional

1 digit

Specifies the response format.

The possible values are:

  • 0 = text description (default)

  • 1 = text/plain formatted

Sample request

curl --location --request POST 'https://secure.trust-provider.com/products/!AutoRevokeCertificate' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'loginName=yourLoginName' \
--data-urlencode 'loginPassword=yourPassword' \
--data-urlencode 'orderNumber=123456' \
--data-urlencode 'codeReason=1' \
--data-urlencode 'revocationReason=Key compromised' \
--data-urlencode 'responseFormat=0'

Response

The request is successful when the server returns a response with the status code = 0.

Any status code less than 0 indicates an error condition.

The list of codes and their descriptions can be found in Error codes.

The response is text/plain when responseFormat = 0 (by default).

If the status code < 0, the second line of the response is a textual representation of an error message.

autoRevokeCertificate can be instructed to return responses in the URL-encoding format by specifying responseFormat = 1 in the request. The MIME type will be application/x-www-form-urlencoded

Response parameters

The following table displays the content that can appear in the response.

Parameter Type Description

errorCode

integer

The numeric code indicating the result of the request. For more information, see Error codes.

errorMessage

string

The explanation of the error. This parameter is not present when errorCode = 0.

Sample success response

errorCode=0

Sample error response

errorCode=-16&errorMessage=Incorrect+login+details%2C+account+is+locked%2C+password+has+expired+or+your+source+IP+is+blocked.

Error codes

The following table outlines error responses returned by the autoRevokeCertificate API endpoint. Each error response consists of an errorCode and an errorMessage indicating why the request failed.

Error code Error Message Description

-1

Request was not made over https!

The request must use HTTPS protocol.

-2

Unrecognised argument!

The provided argument is not recognized.

-3

The 'xxxx' argument is missing!

The required argument is missing from the request.

-4

The value of the 'xxxx' argument is invalid!

The argument value does not meet validation requirements.

-14

An unknown error occurred!

An unknown error occurred.

-16

Incorrect login details, account is locked, password has expired or your source IP is blocked.

Authentication failed due to incorrect login, locked account, expired password, or blocked IP.

-17

Request used GET rather than POST!

The request method should be POST.

-20

The certificate request has already been rejected!

The certificate request cannot be processed because it has been rejected.

-21

The certificate has already been revoked!

The certificate has already been revoked.

-34

The certificate has already been replaced!

The certificate cannot be revoked because it has been replaced.

-35

The Certificate does not allow revocation after expiry!

The certificate cannot be revoked because it is expired.

-42

Call limit reached! Please try again later

The maximum number of allowed API requests has been exceeded. Please wait before submitting additional requests.

-43

Certificate is not in a revocable state

The certificate cannot be revoked in its current state.

-160

Failed to revoke certificate.

The certificate revocation failed due to a general error.