3 CessationOfTrustOfCertificate
This method is to be called when an applicant is no longer eligible for a derived credential, and their credentials were derived from an SSL cert using the SSRP. It will immediately start to cancel all derived credentials that the credential authenticated.
Note: If an applicant has multiple derived credentials on the same device (for example, two derived credential VSCs on the same physical PC) only the first derived credential is canceled.
3.1 Inputs
|
Parameter |
Format |
Use |
|---|---|---|
|
certificateHash |
String(40) |
The thumbprint of the certificate that is no longer trusted. This is exactly 40 characters and does not support wildcards. |
3.2 Possible outcomes
The certificate thumbprint must be supplied, otherwise the following error will be returned:
1100 - Minimum data not supplied
If the certificate thumbprint contains invalid characters, for example wildcards, the following error will be returned:
1102 - Invalid Data
If the certificate thumbprint is not 40 characters long, the following error will be returned:
1102 - Invalid Data
If the certificate thumbprint does not match any credentials, a zero will be returned.
If the certificate thumbprint does match credentials and they are all successfully canceled, the number of credentials canceled will be returned.
If the certificate thumbprint does match credentials and one or more fail to cancel, the following error will be returned:
1101 - One or more devices failed to cancel
This error will contain details of each device.
For more details about the errors, see section 8, Error reference.