Uploaded image for project: 'EJBCA'
  1. EJBCA
  2. ECA-6606

Certificate revocation using EJBCA WebService API through External (Peer) RA

    Details

    • Sprint:
      EJBCA Sprint 9

      Description

      We have had two customers asking about revocation of certificates using the Web Service API or another method which allows for an External RA to be used (e.g. revocation mechanisms which are routed through the peers protocol).

      It currently does not seem to be possible to do revocation over peers using WS. An alternative is to use CMP, but revocation over peers using WS would be nice to have until we have our new REST API in place (which I suspect will be dispatched via peers).

      It would also be possible to use RA Master API directly, by invoking

      changeCertificateStatus(AuthenticationToken authenticationToken, String fingerprint, int newStatus, int newRevocationReason) throws ApprovalException, WaitingForApprovalException
      

      but since the RA Master API is not a public API and can change between EJBCA versions, we cannot advice our customers to use it.


      Notes

      Backport to EJBCA 6.11.x branch if needed

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              tomas Tomas Gustavsson
              Reporter:
              bastianf Bastian Fredriksson
              Verified by:
              Henrik Sunmark
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: