Use this endpoint to submit a request to revoke a single certificate on an order. In the endpoint path, replace certificate_identifier
with the certificate ID or serial number of the certificate to revoke.
To submit a request to revoke the entire order, use the Revoke order certificates endpoint.
Revoking a certificate is permanent. For most implementations, revoking a code signing or document signing certificate invalidates past signatures and timestamps on code or documents signed by the certificate.
Certificates with a pending reissue order cannot be revoked. To revoke a certificate with a pending reissue, either cancel the reissue request or revoke the certificate after the reissue is complete.
After submitting the request, an administrator must approve it before DigiCert can revoke the certificate.
To skip the approval step and submit the request directly to DigiCert for revocation, include "skip_approval": true
in the body of your request. To skip the approval step, the API key must have admin privileges. See Authentication.
When you revoke a certificate on an order with only a single certificate:
To change this behavior such that revoking the only certificate on the order also revokes the entire order, follow these steps:
curl -X PUT \
'https://www.digicert.com/services/v2/certificate/{{certificate_identifier}}/revoke' \
-H 'Content-Type: application/json' \
-H 'X-DC-DEVKEY: {{api_key}}' \
-d '{
"comments": "I no longer need this cert.",
"skip_approval": true
}'
import requests
url = "https://www.digicert.com/services/v2/certificate/{{certificate_identifier}}/revoke"
payload = "{\n \"comments\": \"I no longer need this cert.\",\n \"skip_approval\":true\n}"
headers = {
'X-DC-DEVKEY': "{{api_key}}",
'Content-Type': "application/json"
}
response = requests.request("PUT", url, data=payload, headers=headers)
print(response.text)
package main
import (
"fmt"
"strings"
"net/http"
"io/ioutil"
)
func main() {
url := "https://www.digicert.com/services/v2/certificate/{{certificate_identifier}}/revoke"
payload := strings.NewReader("{\n \"comments\": \"I no longer need this cert.\,"\n \"skip_approval\":true\n}")
req, _ := http.NewRequest("PUT", url, payload)
req.Header.Add("X-DC-DEVKEY", "{{api_key}}")
req.Header.Add("Content-Type", "application/json")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := ioutil.ReadAll(res.Body)
fmt.Println(res)
fmt.Println(string(body))
}
var request = require("request");
var options = { method: 'PUT',
url: 'https://www.digicert.com/services/v2/certificate/{{certificate_identifier}}/revoke',
headers:
{ 'Content-Type': 'application/json',
'X-DC-DEVKEY': '{{api_key}}' },
body: { comments: 'I no longer need this cert.',
skip_approval: true},
json: true };
request(options, function (error, response, body) {
if (error) throw new Error(error);
console.log(body);
});
{
"id": 1,
"date": "2016-02-10T17:06:15+00:00",
"type": "revoke",
"status": "pending",
"requester": {
"id": 14,
"first_name": "John",
"last_name": "Smith",
"email": "john.smith@digicert.com"
},
"comments": "I no longer need this cert."
}
// empty
Name | Req/Opt | Description |
---|---|---|
certificate_identifier | required | Value that identifies the certificate to revoke. Accepts the certificate ID or serial number. |
Name | Req/Opt | Type | Description |
---|---|---|---|
comments | optional | string | Message about the revoke request. |
skip_approval | optional | bool |
If true , the revoke request skips the approval step and is immediately submitted to DigiCert for revocation. Otherwise, false .Default: false Note: To skip the approval step, the API key must have admin privileges. |
Name | Type | Description |
---|---|---|
id | int | Request ID. |
date | string |
Timestamp of when the request was submitted. Format: UTC timezone and ISO 8601 date |
type | string |
Request type. Possible values: revoke
|
status | string |
Status of the revoke request. Possible values: submitted , pending , approved , rejected
|
requester | object |
Details about the user that placed the request. See Structures – User details object. |
.. id | int | User ID. |
.. first_name | string | First name of user. |
.. last_name | string | Last name of user. |
string | Email address of user. | |
comments | string | Message about the revoke request. |