Revoke order certificates
3 minute read
PUT
Use this endpoint to submit a request to revoke all certificates on an order.https://www.digicert.com/services/v2/order/certificate/{{order_id}}/revoke
This operation revokes all certificates on an order, including duplicates and reissues. To revoke only a single certificate on an order, use the Revoke certificate endpoint.
Warning
Revoking a certificate is permanent. For most implementations, revoking a code signing or document signing certificate invalidates past signatures and timestamps on code or documents signed by the certificate.Skip the approval step
After submitting the request, an administrator must approve it before DigiCert can revoke the certificate.
To skip the approval step and submit the request directly to DigiCert for revocation, include "skip_approval": true in the body of your request. To skip the approval step, the API key must have admin privileges. See Authentication.
Example requests and responses
curl --request PUT 'https://www.digicert.com/services/v2/order/certificate/{{order_id}}/revoke' \
--header 'Content-Type: application/json' \
--header 'X-DC-DEVKEY: {{api_key}}' \
--data-raw '{
"skip_approval": true
}'curl --request PUT 'https://www.digicert.com/services/v2/order/certificate/{{order_id}}/revoke' \
--header 'Content-Type: application/json' \
--header 'X-DC-DEVKEY: {{api_key}}' \
--data-raw '{
"comments": "I no longer need this certificate."
}'curl --request PUT 'https://www.digicert.com/services/v2/order/certificate/{{order_id}}/revoke' \
--header 'Content-Type: application/json' \
--header 'X-DC-DEVKEY: {{api_key}}' \
--data-raw '{
"revocation_reason": "superseded",
"skip_approval": true
}'// empty{
"id": 1,
"date": "2016-02-10T17:06:15+00:00",
"type": "revoke",
"status": "pending",
"requester": {
"id": 242140,
"first_name": "Jack",
"last_name": "White",
"email": "j.white@fakeaddy.com"
},
"comments": "Revoked via API!"
}Request parameters
| Name | Req/Opt | Type | Description |
|---|---|---|---|
| comment | optional | string | Message to associate with the revocation request. Use this field to add a comment to the request for the request approver. Note: DigiCert only stores the comment value on revocation requests. If skip_approval is true and the requestor has admin privileges, DigiCert revokes the certificate without creating a request, and we do not store the comment value. |
| skip_approval | optional | bool | If true, the revoke request skips the approval step and is immediately submitted to DigiCert for revocation. Otherwise, false (default). Note: For skip approvals to work, the API key must have admin privileges. |
Response parameters
Note
If you skip the approval step, the API returns a status of 204 (No Content) instead of these fields.| Name | Type | Description |
|---|---|---|
| id | int | Request ID. |
| date | string | Timestamp of when the revoke request was submitted. Format: UTC timezone and ISO 8601 date |
| type | string | Request type. Possible values: |
| revoke | ||
| status | string | Status of the revoke request. Possible values: submitted, pending, approved, rejected |
| requester | object | Details about the user that placed the request. See Structures – User details object. |
| .. id | int | User ID. |
| .. first_name | string | First name of user. |
| .. last_name | string | Last name of user. |
| string | Email address of user. | |
| comments | string | Message about the revoke request. |
Was this page helpful?
Provide feedback