GetRevocationStatus
Retrieves the revocation status of one or more of the signing profile, signing job, and signing certificate.
Request Syntax
GET /revocations?certificateHashes=certificateHashes
&jobArn=jobArn
&platformId=platformId
&profileVersionArn=profileVersionArn
&signatureTimestamp=signatureTimestamp
HTTP/1.1
URI Request Parameters
The request uses the following URI parameters.
- certificateHashes
-
A list of composite signed hashes that identify certificates.
A certificate identifier consists of a subject certificate TBS hash (signed by the parent CA) combined with a parent CA TBS hash (signed by the parent CA’s CA). Root certificates are defined as their own CA.
The following example shows how to calculate a hash for this parameter using OpenSSL commands:
openssl asn1parse -in childCert.pem -strparse 4 -out childCert.tbs
openssl sha384 < childCert.tbs -binary > childCertTbsHash
openssl asn1parse -in parentCert.pem -strparse 4 -out parentCert.tbs
openssl sha384 < parentCert.tbs -binary > parentCertTbsHash xxd -p childCertTbsHash > certificateHash.hex xxd -p parentCertTbsHash >> certificateHash.hex
cat certificateHash.hex | tr -d '\n'
Required: Yes
- jobArn
-
The ARN of a signing job.
Length Constraints: Minimum length of 20. Maximum length of 2048.
Required: Yes
- platformId
-
The ID of a signing platform.
Required: Yes
- profileVersionArn
-
The version of a signing profile.
Length Constraints: Minimum length of 20. Maximum length of 2048.
Required: Yes
- signatureTimestamp
-
The timestamp of the signature that validates the profile or job.
Required: Yes
Request Body
The request does not have a request body.
Response Syntax
HTTP/1.1 200
Content-type: application/json
{
"revokedEntities": [ "string" ]
}
Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
- revokedEntities
-
A list of revoked entities (including zero or more of the signing profile ARN, signing job ARN, and certificate hashes) supplied as input to the API.
Type: Array of strings
Errors
For information about the errors that are common to all actions, see Common Errors.
- AccessDeniedException
-
You do not have sufficient access to perform this action.
HTTP Status Code: 403
- InternalServiceErrorException
-
An internal error occurred.
HTTP Status Code: 500
- TooManyRequestsException
-
The allowed number of job-signing requests has been exceeded.
This error supersedes the error
ThrottlingException
.HTTP Status Code: 429
- ValidationException
-
You signing certificate could not be validated.
HTTP Status Code: 400
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following: