Revoke KMIP Object

Revocation is permanent. Objects that are revoked cannot be moved back to Active, but the client can still retrieve any key material.

Request

Method

URI

PATCH

v5/kmipsrv_object/obj-uuid/ where obj-uuid is the UUID retrieved from the List KMIP Objects method. (For example: 1a680bd5-db9b-11e8-b14e-00505685f1d7.)

Privileges Required

SEC_ADMIN.

Parameters

Name

Type

Example

action

string

revoke

revcode

int

4

One of the standard KMIP reason codes corresponding to why the object is being revoked. The standard codes are:

1 — Unspecified
2 — Key Compromise
3 — CA Compromise
4 — Affiliation Changed
5 — Superseded
6 — Cessation of Operation
7 — Privilege Withdrawn

Any unrecognized value will be considered the same as "1 — Unspecified."

revmsg

string

Object affiliation has changed.

An optional string describing why the object is being revoked.

Response

Name

Type

Example

result

string

success

Errors

Reason

Example

Invalid Object ID

KMIP object not found