1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
|
THE REVOKE ENDPOINT
Endpoint: /api/v1/cfssl/revoke
Method: POST
Required parameters:
* serial: a string specifying the serial number of a certificate
* authority_key_id: a string specifying the authority key identifier
of the certificate to be revoked; this is used to distinguish
which private key was used to sign the certificate.
* reason: a string identifying why the certificate was revoked; see,
for example, ReasonStringToCode in the ocsp package or section
4.2.1.13 of RFC 5280. The "reasons" used here are the ReasonFlag
names in said RFC.
Result:
The returned result is an empty JSON object
Example:
$ curl -d '{"serial": "7961067322630364137", \
"authority_key_id": "00:01:02:03:04:05:07", \
"reason": "superseded"}' \
${CFSSL_HOST}/api/v1/cfssl/revoke
|
