The RemoveCertificate Method allows a Client to remove a single Certificate from the TrustList. It returns Bad_InvalidArgument if the thumbprint does not match a Certificate in the TrustList.

If the Certificate is a CA Certificate that has CRLs then all CRLs for that CA are removed as well.

This Method returns Bad_CertificateChainIncomplete if the Certificate is a CA Certificate needed to validate another Certificate in the TrustList.

This Method returns Bad_TransactionPending if a transaction is in progress (see 7.10.7).

This Method returns Bad_NotWritable if the TrustList Object is read only. For PullManagement, this Method shall be called from an authenticated SecureChannel and from a Session that has access to the CertificateAuthorityAdmin Role (see 7.2).

For PushManagement, this Method shall be called from an authenticated SecureChannel and from a Session that has access to the SecurityAdmin Role (see 7.2).

Signature

RemoveCertificate(

[in] String thumbprint

[in] Boolean isTrustedCertificate

);

Argument

Description

Thumbprint

The CertificateDigest of the Certificate to remove.

isTrustedCertificate

If TRUE the Certificate is removed from the Trusted Certificates List.

If FALSE the Certificate is removed from the Issuer Certificates List.

Method Result Codes (defined in Call Service)

Result Code

Description

Bad_UserAccessDenied

The current user does not have the rights required.

Bad_InvalidArgument

The certificate to remove was not found.

Bad_InvalidState

The Open Method was called with write access and the CloseAndUpdate Method has not been called.

Bad_CertificateChainIncomplete

The Certificate is needed to validate another Certificate in the TrustList.

Bad_TransactionPending

Transaction has started and ApplyChanges or CancelChanges has not been called.

Bad_SecurityModeInsufficient

The SecureChannel is not authenticated.

Table 26 specifies the AddressSpace representation for the RemoveCertificate Method.

Table 26 – RemoveCertificate Method AddressSpace Definition

Attribute

Value

BrowseName

0:RemoveCertificate

References

NodeClass

BrowseName

DataType

TypeDefinition

ModellingRule

0:HasProperty

Variable

0:InputArguments

0:Argument[]

0:PropertyType

Mandatory