Revogar certificados do pedido

PUT
https://www.digicert.com/services/v2/order/certificate/{{order_id}}/revoke

Use this endpoint to submit a request to revoke all certificates on an order.

This operation revokes all certificates on an order, including duplicates and reissues. To revoke only a single certificate on an order, use the Revoke certificate endpoint.

Revoking a certificate is permanent. For most implementations, revoking a code signing or document signing certificate invalidates past signatures and timestamps on code or documents signed by the certificate.

Skip the approval step

After submitting the request, an administrator must approve it before DigiCert can revoke the certificate.

To skip the approval step and submit the request directly to DigiCert for revocation, include "skip_approval": true in the body of your request. To skip the approval step, the API key must have admin privileges. See Authentication.

Example request and response

Skip approval step (cURL)
curl --request PUT 'https://www.digicert.com/services/v2/order/certificate/{{order_id}}/revoke' \
--header 'Content-Type: application/json' \
--header 'X-DC-DEVKEY: {{api_key}}' \
--data-raw '{
  "skip_approval": true
}'
Create revocation request (cURL)
curl --request PUT 'https://www.digicert.com/services/v2/order/certificate/{{order_id}}/revoke' \
--header 'Content-Type: application/json' \
--header 'X-DC-DEVKEY: {{api_key}}' \
--data-raw '{
  "comments": "I no longer need this certificate."
}'
Include revocation reason (cURL)
curl --request PUT 'https://www.digicert.com/services/v2/order/certificate/{{order_id}}/revoke' \
--header 'Content-Type: application/json' \
--header 'X-DC-DEVKEY: {{api_key}}' \
--data-raw '{
  "revocation_reason": "superseded",
  "skip_approval": true
}'
204 (Skip approval step)
// empty
201 (Create revocation request)
{
  "id": 1,
  "date": "2016-02-10T17:06:15+00:00",
  "type": "revoke",
  "status": "pending",
  "requester": {
    "id": 242140,
    "first_name": "John",
    "last_name": "Doe",
    "email": "j.doe@example.com"
  },
  "comments": "I no longer need this certificate."
}

Request parameters

Name Req/Opt Type Description
revocation_reason optional string Reason you want to revoke the certificate.

Only used in requests to revoke TLS/SSL certificates. Ignored in revocation requests for other certificate types.

Allowed values:
  • unspecified (default): None of the other reasons apply.
  • keyCompromise: The private key associated with the certificate has been lost, stolen, or otherwise compromised.
  • affiliationChanged: The organization name or any other organizational information in the certificate has changed.
  • superseded: The certificate has been replaced by another certificate.
  • cessationOfOperation: The domain is no longer active or managed by your organization, or you no longer use the certificate.
comment optional string Message to associate with the revocation request. Use this field to add a comment to the request for the request approver.

Note: DigiCert only stores the comment value on revocation requests. If skip_approval is true and the requestor has admin privileges, DigiCert revokes the certificate without creating a request, and we do not store the comment value.
skip_approval optional bool If true, the revoke request skips the approval step and is immediately submitted to DigiCert for revocation. Otherwise, false (default).

Note: For skip approvals to work, the API key must have admin privileges.

Response parameters

If you skip the approval step, the API returns a status of 204 (No Content) instead of these fields.

Name Type Description
id int Request ID.
date string Timestamp of when the revoke request was submitted.

Format: UTC timezone and ISO 8601 date
type string Request type.

Possible values: revoke
status string Status of the revoke request.

Possible values: submitted, pending, approved, rejected
requester object Details about the user that placed the request. See Structures – User details object.
.. id int User ID.
.. first_name string First name of user.
.. last_name string Last name of user.
.. email string Email address of user.
comments string Message about the revoke request.