GetRejectedList Method returns the list of Certificates that have been rejected by the Server.

No rules are defined for how the Server updates this list or how long a Certificate is kept in the list. It is recommended that every valid but untrusted Certificate be added to the rejected list as long as storage is available. Servers should omit older entries from the list returned if the maximum message size is not large enough to allow the entire list to be returned.

This Method shall be called from an authenticated SecureChannel and from a Client that has access to the SecurityAdmin Role (see 7.2).

Signature

GetRejectedList(

[out] ByteString[] certificates

);

Argument

Description

certificates

The DER encoded form of the Certificates rejected by the Server.

Method Result Codes (defined in Call Service)

Result Code

Description

Bad_UserAccessDenied

The current user does not have the rights required.

Bad_SecurityModeInsufficient

The SecureChannel is not authenticated.

Table 70 specifies the AddressSpace representation for the GetRejectedList Method.

Table 70 – GetRejectedList Method AddressSpace Definition

Attribute

Value

BrowseName

0:GetRejectedList

References

NodeClass

BrowseName

DataType

TypeDefinition

ModellingRule

0:HasProperty

Variable

0:OutputArguments

0:Argument[]

0:PropertyType

Mandatory