API Method - suspend
Purpose
Use the “suspend” method for revoking the x509 certificate based on the certificate serial number.
Type of Method
POST
Request URL
http://www.example.com/emCAServices/rest/suspend
Request Input Parameters
JSON Object Contains below parameters
Parameter
Presence
Data Type
Description
signature
M
String
Certificate serial number has to be signed with PFX shared by us.
Pass Signed certificate serial number i.e., PKCS#7 data.
userName
M
String
You need to pass username that is registered with emCA for API process.
password
M
String
You need to pass the password that is registered with emCA for API process.
revokeMode
M
Integer
6
remarks
M
String
Pass your reason for suspension of certificate.
Sample JSON Object
requestData
{
" userName" : "username"
" password" : "password " "signature" :
"m2DyfvbrjKBEe8Ms0fL7gTZiJ5p8kSS1Mda71L7W1OCFObcn5qQv7/2UETxv/3wUyZNqYGDqRz/SNGV AXi3bQCzQeoCmb97WqQrPk5RcZjri7R4VrNnGf7hNBYLG2GNGuAdQMIlofhJuwh8316AkTjNKFQ8tmcD 7Ho0WKqfK6YTEZ47noaiXm2WfgwhXh5A0AMvYHRE/bkZL9CKJmlvh2ICxBC2byJ5GpE9swx6PLpu5Bis dtlD8vofMea+z+AnG2ncOq06Ngh7v9w2epYPHhQdDSNK4EmKNRpvlWWhrN3OqzGrTj/Qej/e5bnwLxsB tlC2M02buXr1iww7SE1EbKQ==",
"revokeMode" : "",
"remarks" : "test"
}
Parameter
Presence
Data Type
Description
requestData
M
String
All the request input parameters mentioned above should be converted to JSON object and encrypted with AES 256 key shared with you by the emCA team.
Pass Encrypted JSON Object.
userName
M
String
You need to pass username that is registered with emCA for API process.
Header details
Key
Presence
Value
Description
Application / JSON
M
Content-Type
Type of request should be in JSON Format.
Authentication Key
M
emKey
emKey is an encoded key (Refer section 4 for generating Authentication Key using command prompt).
Sample Request Data
Header:
Content-Type : application/json
emKey : 47b54594063957de22fce0aeddd51a6adf4a80aa
Request Body:
{
"requestData" : "Q/5rvKIZvoMfuZQnysxcGawX4wC1xRttkCHEExreOwUCltgPG0FmsAbEmNHgHvdM2A7Vadyks2IDACy dZDRG9rS/uq93IO3KMAyazof7IJXz31c3LiXorwiRksUFOrH2IqYbqI1q88Sf3rnxoTdq8oaOzYB2LoN Ph8dZihJyDIR33BccF1Dg/sS/UAwxJ3fjbPzRJpFcqhi2FX1IS8TxyW2PZtPyLtSddyDFxliryGv8RMm Vem6NdJYeNHcYo82qHtszdepvIWCi/DLCqs1alR9TcOsKQ8skBTUQY5xfiuONm68zytXBlF+MIAB40Ws w/12zywoCe2z14wqA/mvzF6Jd/Cw3059NfW8FtmBS502ty4l+kSDallVUCSFP9b9Drsh4q/giwT+zHa/ SQ3LWCFkjDLaB/OMzMaZfAFwm27/mDB4mSWVMPzMo8CDBvNNNekeV6lSeKSJ7rEbR2JJYIeLzQFp++Dv np0KZHZu5r+muXAPFCnsDj3MbLrpvbdl3VYKjtDCu0MXi/LX787pStPvr9coMmHTCwja5p7RwI7Ji/nb OnVpT8f2ylx/Rq7vTFRGAqnFmEK5HAkN6Owdf/dKaKUtifXzJqgjYft0NS7uoXbEJWbb4I86AqLhsPbq qN2zlOXZIaYLvkoleo//gAcevv6ZS3jk5rkhueR44ablyv5nhgQ25Fhg5cqu4hxUBOi1MRXk5RpA6RZk az+DPGSsJJ4+yKzTEnxhUZvnqzeFEf1cvIU3Fx9PLmvrQ50cE28AdNu749WOUyjq/eZCFC1rmY6KyThU 4ng49S+iqCrUiIIF+McgjbuVPRvy0M9eYi9HpVOduV7XEI2zrRLpID0ueVwo/j6XePsofLvk/5J/xT9S 8Ge6wgVNQzkO47eLi2VEPf5OXRopBaSLFZ1SPIgBVumlSnPgLfdNVOirJjhqMyADZrXgoAw3c+YTqRhs RDAhtPKx90Qtw643eLEi/1ujz9ZxB6yzTvFYnh05eaM+N08QVlEJcS+z84vqnY6/+8746T6Ct/tDrLdF CNVvveSEPVCujbE6LI6pzAnNuHWZoFYoDjANRTDuS8m3LY3mcC24cTJnNTt7a/hF6IsUj0ygfVctkpAT XvW9p1m4p6BpYmXFSP6w0nMvKnHd+Uy2R3qykk/1R6YoZbaG9dM3LrAqqAILkYNucL32xZCbSSKX6HIQ tZ0WMAfTubYXLsDnAZCLeph1P+fjnkbgrpizkQg==",
"userName" : "username"
}
Process
When the request is received by the emCA service, we will decrypt the request JSON Object with same AES key that is shared with the client.
After successful decryption, request JSON object (Signed serial number + Username + Password + revokeMode + remarks) is retrieved.
First the emCA service will validate username and password and check if the IP Address used for request and registered with the user are the same.
If it is same then signed data (signature) is validated by checking whether serial number is signed by pfx which is registered for the specific user.
If validation fails at any point in processing the request, the emCA service will throw error/failure message.
Response Parameters
Parameter
Data Type
Description
response
String
Returns JSON Object
JSON Object Contains below parameters
Parameter
Data Type
Description
status
String
Returns Status of the request as success if certificate suspension is successful.
Returns status of the request as failure if authentication fails or unregistered user tries to call the API
result
String
Returns
In case of success: “Suspended Successfully”
message will be displayed.
In case of failure: error message will be displayed.
subscriberId
String
Returns Subscriber Id.
requestI
String
Return Request ID null.
Response JSON Format
Sample:
Success:
Response Body()
{
"status":"success",
"result":" Suspended Successfully "
“subscriberId”:”XXX”
"requestId": null,
“aliasname”:null
}
Failure:
{
"status":"failure",
"result":"<Error message>"
“subscriberId”:null
"requestId": null,
“aliasname”:null
}
Error Messages
Error Message
Description
CRL does not exist
If CRL is not created for Issuer certificate
Certificate already suspended
If user certificate is already suspended
Signature verification failed
If signature parameter (certificate serial number) contains invalid certificate serial number
No Data Found For <serial number>
If no certificate is available for requested certificate serial number
Last updated