Updated on 2023-11-21 GMT+08:00

Deleting a CA

Only private CAs in the Pending activation, Revoked, Disabled, or Expired state can be deleted.

Private CAs in the Pending activation or Revoked state can be directly deleted. Private CAs in the Disabled or Expired state can only be deleted by scheduled deletion tasks.

For details, see Parameters for Deleting a CA.

import com.huaweicloud.sdk.ccm.v1.CcmClient;
import com.huaweicloud.sdk.ccm.v1.model.DeleteCertificateAuthorityRequest;
import com.huaweicloud.sdk.ccm.v1.model.DeleteCertificateAuthorityResponse;
import com.huaweicloud.sdk.core.auth.GlobalCredentials;

/**
 * Delete a CA.
 * (1) Only private CAs in the Pending activation, Revoked, Disabled, or Expired state can be deleted.
 * (2) Private CAs in the PENDING or REVOKED state will be directly deleted. Private CAs in the DISABLED or EXPIRED state can only be deleted by scheduled deletion tasks.
 */
public class DeleteCertificateAuthorityExample {
    /**
     * Basic authentication information:
     * - ACCESS_KEY: access key of the Huawei Cloud account
     * - SECRET_ACCESS_KEY: secret access key of the Huawei Cloud account
    * - DOMAIN_ID: Huawei Cloud account ID.
    * - CCM_ENDPOINT: Endpoint address for accessing Huawei Cloud CCM (PCA is included in CCM).
......*Hard-coded or plaintext AK and SK are risky. For security, encrypt your AK and SK and store them in the configuration file or environment variables.
     * In this example, the AK and SK are stored in environment variables for identity authentication. Before running this example, configure environment variables HUAWEICLOUD_SDK_AK and HUAWEICLOUD_SDK_SK.
     */
    private static final String ACCESS_KEY = System.getenv("HUAWEICLOUD_SDK_AK");
    private static final String SECRET_ACCESS_KEY = System.getenv("HUAWEICLOUD_SDK_SK");
    private static final String DOMAIN_ID = "<DomainID>";
    private static final String CCM_ENDPOINT = "<CcmEndpoint>";

    public static void main(String[] args) {
      // 1. Prepare the credentials for accessing Huawei Cloud. PCA is a global service.
        final GlobalCredentials auth = new GlobalCredentials()
                .withAk(ACCESS_KEY)
                .withSk(SECRET_ACCESS_KEY)
                .withDomainId(DOMAIN_ID);

        // 2. Initialize the SDK and transfer the credentials and endpoint address of CCM.
        final CcmClient ccmClient = CcmClient.newBuilder()
                .withCredential(auth)
                .withEndpoint(CCM_ENDPOINT).build();

       // 3. Make request parameters.
      // (1) ID of the CA to be disabled
        String caId = "3a02c7f6-d8f5-497e-9f60-18dfd3eeb4e6";
       // (2) Time for delaying the deletion. Note: This parameter is a string.
        String pendingDays = "7";

       // 4. Construct a request body.
        DeleteCertificateAuthorityRequest request = new DeleteCertificateAuthorityRequest()
                .withCaId(caId)
                .withPendingDays(pendingDays);

       // 5. Start to send the request.
        DeleteCertificateAuthorityResponse response;
        try {
            response = ccmClient.deleteCertificateAuthority(request);
        } catch (Exception e) {
            throw new RuntimeException(e.getMessage());
        }

        // 6. Obtain the response message. After the deletion succeeds, no response is returned and the returned status code is 204.
        System.out.println(response.getHttpStatusCode());
    }

}