Revoke certificate

PUT
https://www.digicert.com/services/v2/certificate/{{certificate_id}}/revoke

Use this endpoint to submit a request to revoke a single certificate on the order. If you want to submit a request to revoke the entire order, use the Revoke order certificates endpoint.

After submitting the request, an administrator must approve it before DigiCert can revoke the certificate.

To use the "skip_approval": true parameter to skip the approval step and submit the request directly to DigiCert for revocation, the API key must have admin privileges. See Authentication.

Certificates with a pending reissue order cannot be revoked. To revoke a certificate with a pending reissue, either cancel the reissue request or revoke the certificate after the reissue is complete.

What happens if I revoke a certificate on an order with only a single certificate?

When you revoke a certificate on an order with only a single certificate:

  • The order is still active
  • You can still reissue a certificate on that order
  • No refund is provided for a revoked certificate on an order

If you do not plan to reissue a certificate for the order, use the Revoke order certificates endpoint to submit a request to revoke the order.

Example request and reponse

cURL
curl -X PUT \
  'https://www.digicert.com/services/v2/certificate/{{certificate_id}}/revoke' \
  -H 'Content-Type: application/json' \
  -H 'X-DC-DEVKEY: {{api_key}}' \
  -d '{
  "comments": "I no longer need this cert.",
  "skip_approval": true
}'
Python
import requests

url = "https://www.digicert.com/services/v2/certificate/{{certificate_id}}/revoke"

payload = "{\n  \"comments\": \"I no longer need this cert.\",\n \"skip_approval\":true\n}"
headers = {
    'X-DC-DEVKEY': "{{api_key}}",
    'Content-Type': "application/json"
    }

response = requests.request("PUT", url, data=payload, headers=headers)

print(response.text)
Go
package main

import (
	"fmt"
	"strings"
	"net/http"
	"io/ioutil"
)

func main() {

	url := "https://www.digicert.com/services/v2/certificate/{{certificate_id}}/revoke"

	payload := strings.NewReader("{\n  \"comments\": \"I no longer need this cert.\,"\n \"skip_approval\":true\n}")

	req, _ := http.NewRequest("PUT", url, payload)

	req.Header.Add("X-DC-DEVKEY", "{{api_key}}")
	req.Header.Add("Content-Type", "application/json")

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := ioutil.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}
NodeJS
var request = require("request");

var options = { method: 'PUT',
  url: 'https://www.digicert.com/services/v2/certificate/{{certificate_id}}/revoke',
  headers: 
   { 'Content-Type': 'application/json',
     'X-DC-DEVKEY': '{{api_key}}' },
  body: { comments: 'I no longer need this cert.', 
	    skip_approval: true},   
  json: true };

request(options, function (error, response, body) {
  if (error) throw new Error(error);

  console.log(body);
});
201 Created
{
  "id": 1,
  "date": "2016-02-10T17:06:15+00:00",
  "type": "revoke",
  "status": "pending",
  "requester": {
    "id": 14,
    "first_name": "John",
    "last_name": "Smith",
    "email": "john.smith@digicert.com"
  },
  "comments": "I no longer need this cert."
}
204 No Content (skip)
// empty

Request parameters

Name Req/Opt Type Description
comments optional string Message about the revoke request.
skip_approval optional bool Specify if the revoke request should skip the approval step and be immediately submitted to DigiCert for revocation.
Default: false
Note: For skip approvals to work, the API key must have admin privileges.

Response parameters

Name Type Description
id int Request ID.
date string Timestamp of when the request was submitted.
Format: UTC timezone and ISO 8601 date
type string Request type.
Possible values: revoke
status string Status of the revoke request.
Possible values: submitted, pending, approved, rejected
requester object Details about the user that placed the request.
See Structures – User details object.
.. id int User ID.
.. first_name string First name of user.
.. last_name string Last name of user.
.. email string Email address of user.
comments string Message about the revoke request.