Revoking a subordinate CA

Function

This API is used to revoke a subordinate CA

Note: If you do not want to provide the revocation reason, set the request body to {}. Otherwise, an error will be reported.

URI

POST /v1/private-certificate-authorities/{ca_id}/revoke

**Table 1** Path Parameters
Parameter	Mandatory	Type	Description
ca_id	Yes	String	ID of the sub-CA you want to revoke. Minimum: 36 Maximum: 36

Request Parameters

**Table 2** Request header parameters
Parameter	Mandatory	Type	Description
X-Auth-Token	Yes	String	User token. The token can be obtained by calling the token API of IAM. The value of X-Auth-Token in the response header is the user token.

**Table 3** Request body parameters
Parameter	Mandatory	Type	Description
reason	No	String	Reason for revocation.The options are as follows: UNSPECIFIED : Default value. No reason is specified for revocation. KEY_COMPROMISE : The certificate key material has been leaked. CERTIFICATE_AUTHORITY_COMPROMISE : Key materials of the CA have been leaked in the certificate chain. AFFILIATION_CHANGED : The subject or other information in the certificate has been changed. SUPERSEDED : The certificate has been replaced. CESSATION_OF_OPERATION : The entity in the certificate or certificate chain has ceased to operate. CERTIFICATE_HOLD : The certificate should not be considered valid currently and may take effect in the future. PRIVILEGE_WITHDRAWN : This certificate no longer has permissions on the properties it claims. ATTRIBUTE_AUTHORITY_COMPROMISE : The authority which determines appropriate attributes for a Certificate may have been compromised. NOTE: If you do not want to provide the revocation reason, set the request body to {}. Otherwise, an error will be reported.

Response Parameters

Status code: 400

**Table 4** Response body parameters
Parameter	Type	Description
error_code	String	Error code Minimum: 3 Maximum: 36
error_msg	String	Error message Minimum: 0 Maximum: 1024

Status code: 401

**Table 5** Response body parameters
Parameter	Type	Description
error_code	String	Error code Minimum: 3 Maximum: 36
error_msg	String	Error message Minimum: 0 Maximum: 1024

Status code: 403

**Table 6** Response body parameters
Parameter	Type	Description
error_code	String	Error code Minimum: 3 Maximum: 36
error_msg	String	Error message Minimum: 0 Maximum: 1024

Status code: 404

**Table 7** Response body parameters
Parameter	Type	Description
error_code	String	Error code Minimum: 3 Maximum: 36
error_msg	String	Error message Minimum: 0 Maximum: 1024

Status code: 500

**Table 8** Response body parameters
Parameter	Type	Description
error_code	String	Error code Minimum: 3 Maximum: 36
error_msg	String	Error message Minimum: 0 Maximum: 1024

Example Requests

When you use this API to revoke a subordinate CA, a token is required in the X-Auth-Token field in the request header. The token must have the permission to access the API.

POST https://ccm.ae-ad-1.myhuaweicloud.com/v1/private-certificate-authorities/6434f74f-2d13-4e6a-89eb-93ee313f1a43/revoke

{
  "reason" : "KEY_COMPROMISE"
}

Example Responses

Status code: 400

Invalid request parameters.

{
  "error_code" : "PCA.XXX",
  "error_msg" : "XXX"
}

Status code: 401

Token required for the requested page.

{
  "error_code" : "PCA.XXX",
  "error_msg" : "XXX"
}

Status code: 403

Authentication failed.

{
  "error_code" : "PCA.XXX",
  "error_msg" : "XXX"
}

Status code: 404

No resources available or found.

{
  "error_code" : "PCA.XXX",
  "error_msg" : "XXX"
}

Status code: 500

Internal service error.

{
  "error_code" : "PCA.XXX",
  "error_msg" : "XXX"
}

Status Codes

Status Code	Description
204	Request succeeded, but no response body returned.
400	Invalid request parameters.
401	Token required for the requested page.
403	Authentication failed.
404	No resources available or found.
500	Internal service error.