FinishRequest is used to finish a certificate request started with a call to StartNewKeyPairRequest or StartSigningRequest.
Signature
FinishRequest (
[in] NodeId applicationId
[in] NodeId requestId
[out] ByteString certificate
[out] ByteString privateKey
[out] ByteString[] issuerCertificates
);
|
Argument |
Description |
|
applicationId |
The identifier assigned to the Application Instance by the GDS. |
|
requestId |
The NodeId returned by StartNewKeyPairRequest or StartSigningRequest. |
|
certificate |
The DER encoded Certificate. |
|
privateKey |
The private key encoded in the format requested. If a password was supplied the blob is protected with it. This field is null if no private key was requested. |
|
issuerCertificates |
The Certificates required to validate the new Certificate. |
This call is passes the NodeId returned by a previous call to StartNewKeyPairRequest or StartSigningRequest.
It is expected that a Client will periodically call this Method until an entity with access to the RegistrationAuthorityAdmin Role has approved the request.
This Method shall be called from an encrypted SecureChannel and from a Session that has access to the CertificateAuthorityAdmin Role, the ApplicationAdmin Privilege, or the ApplicationSelfAdmin Privilege (see 7.2). In addition, the Client Certificate shall be the same as the one used to call StartSigningRequest or StartNewKeyPairRequest.
If auditing is supported, the GDS shall generate the CertificateDeliveredAuditEventType (see 7.9.13) if this Method succeeds or if it fails with anything but Bad_NothingToDo.
Method Result Codes (defined in Call Service)
|
Result Code |
Description |
|
Bad_NotFound |
The applicationId does not refer to a registered Application. |
|
Bad_InvalidArgument |
The requestId is does not reference to a valid request for the Application. |
|
Bad_NothingToDo |
There is nothing to do because request has not yet completed. |
|
Bad_UserAccessDenied |
The current user does not have the rights required. |
|
Bad_RequestNotAllowed |
The CertificateManager rejected the request. The text associated with the error should indicate the exact reason. |
Table 54 specifies the AddressSpace representation for the FinishRequest Method.
Table 54 – FinishRequest Method AddressSpace Definition
|
Attribute |
Value |
||||
|
BrowseName |
2:FinishRequest |
||||
|
References |
NodeClass |
BrowseName |
DataType |
TypeDefinition |
ModellingRule |
|
0:HasProperty |
Variable |
0:InputArguments |
0:Argument[] |
0:PropertyType |
Mandatory |
|
0:HasProperty |
Variable |
0:OutputArguments |
0:Argument[] |
0:PropertyType |
Mandatory |