GetCertificateStatus is used to check if an Application needs to update its Certificate.
Signature
GetCertificateStatus(
[in] NodeId applicationId
[in] NodeId certificateGroupId
[in] NodeId certificateTypeId
[out] Boolean updateRequired
);
|
Argument |
Description |
|
applicationId |
The identifier assigned to the Application Instance by the GDS. |
|
certificateGroupId |
The NodeId of the Certificate Group which provides the context. If null the CertificateManager shall choose the DefaultApplicationGroup. |
|
certificateTypeId |
The NodeId of the CertificateType for the Certificate. If null the CertificateManager shall select a Certificate based on the value of the certificateGroupId argument. |
|
updateRequired |
TRUE if the Application needs to request a new Certificate from the GDS. FALSE if the Application can keep using the existing Certificate. |
Access permissions that apply to CreateSigningRequest Method shall apply to this Method.
This Method can be invoked by a configuration tool which has provided user credentials with necessary access permissions. It can also be invoked by the Application identified by the applicationId (e.g. the private key used to create the channel shall be private key associated with the Certificate assigned to the Application).
Method Result Codes (defined in Call Service)
|
Result Code |
Description |
|
Bad_NotFound |
The applicationId does not refer to a registered Application. |
|
Bad_InvalidArgument |
The certificateGroupId or certificateTypeId parameter is not valid. The text associated with the error shall indicate the exact problem. |
|
Bad_UserAccessDenied |
The current user does not have the rights required. |
Table 36 specifies the AddressSpace representation for the GetCertificateStatus Method.
Table 36 – GetCertificateStatus Method AddressSpace Definition
|
Attribute |
Value |
||||
|
BrowseName |
GetCertificateStatus |
||||
|
References |
NodeClass |
BrowseName |
DataType |
TypeDefinition |
ModellingRule |
|
HasProperty |
Variable |
InputArguments |
Argument[] |
PropertyType |
Mandatory |
|
HasProperty |
Variable |
OutputArguments |
Argument[] |
PropertyType |
Mandatory |
RevokeCertificate is used to revoke a Certificate issued by the CertificateManager.
This Method requires an encrypted channel and that the Client provides credentials with administrative rights for the application which is having the credentials revoked.
Signature
RevokeCertificate (
[in] NodeId applicationId
[in] ByteString certificate
);
|
Argument |
Description |
|
applicationId |
The identifier assigned to the Application by the CertificateManager. |
|
certificate |
The DER encoded Certificate to revoke. |
Method Result Codes (defined in Call Service)
|
Result Code |
Description |
|
Bad_NotFound |
The applicationId does not refer to a registered Application. |
|
Bad_InvalidArgument |
The certificate is not a Certificate for the specified Application that was issued by the CertificateManager. |
|
Bad_UserAccessDenied |
The current user does not have the rights required. |
Table A specifies the AddressSpace representation for the RevokeCredential Method.
Table 16A – Revoke Method AddressSpace Definition
|
Attribute |
Value |
||||
|
BrowseName |
Revoke |
||||
|
References |
NodeClass |
BrowseName |
DataType |
TypeDefinition |
ModellingRule |
|
HasProperty |
Variable |
InputArguments |
Argument[] |
PropertyType |
Mandatory |