The RemoveCertificate Method allows a Client to remove a single Certificate from the TrustList. It returns Bad_InvalidArgument if the thumbprint does not match a Certificate in the TrustList.
If the Certificate is a CA Certificate that has CRLs then all CRLs for that CA are removed as well.
This Method returns Bad_CertificateChainIncomplete if the Certificate is a CA Certificate needed to validate another Certificate in the TrustList.
This Method returns Bad_TransactionPending if a transaction is in progress (see 7.10.9).
This Method returns Bad_NotWritable if the TrustList Object is read only. For PullManagement, this Method shall be called from an authenticated SecureChannel and from a Session that has access to the CertificateAuthorityAdmin Role (see 7.2).
For PushManagement, this Method shall be called from an authenticated SecureChannel and from a Session that has access to the SecurityAdmin Role (see 7.2).
Signature
RemoveCertificate(
[in] String thumbprint
[in] Boolean isTrustedCertificate
);
|
Argument |
Description |
|
Thumbprint |
The CertificateDigest of the Certificate to remove. |
|
isTrustedCertificate |
If TRUE the Certificate is removed from the Trusted Certificates List. If FALSE the Certificate is removed from the Issuer Certificates List. |
Method Result Codes (defined in Call Service)
|
Result Code |
Description |
|
Bad_UserAccessDenied |
The current user does not have the rights required. |
|
Bad_InvalidArgument |
The certificate to remove was not found. |
|
Bad_InvalidState |
The Open Method was called with write access and the CloseAndUpdate Method has not been called. |
|
Bad_CertificateChainIncomplete |
The Certificate is needed to validate another Certificate in the TrustList. |
|
Bad_TransactionPending |
Transaction has started and ApplyChanges or CancelChanges has not been called. |
|
Bad_SecurityModeInsufficient |
The SecureChannel is not authenticated. |
|
Bad_NotWritable |
The TrustList Object is open for read only |
Table 31 specifies the AddressSpace representation for the RemoveCertificate Method.
Table 31 – RemoveCertificate Method AddressSpace Definition
|
Attribute |
Value |
||||
|
BrowseName |
0:RemoveCertificate |
||||
|
References |
NodeClass |
BrowseName |
DataType |
TypeDefinition |
ModellingRule |
|
0:HasProperty |
Variable |
0:InputArguments |
0:Argument[] |
0:PropertyType |
Mandatory |