We have had two customers asking about revocation of certificates using the Web Service API or another method which allows for an External RA to be used (e.g. revocation mechanisms which are routed through the peers protocol).
It currently does not seem to be possible to do revocation over peers using WS. An alternative is to use CMP, but revocation over peers using WS would be nice to have until we have our new REST API in place (which I suspect will be dispatched via peers).
It would also be possible to use RA Master API directly, by invoking
but since the RA Master API is not a public API and can change between EJBCA versions, we cannot advice our customers to use it.
Backport to EJBCA 6.11.x branch if needed