Issuance history and revocation

Document Rails keeps track of all issued subordinate certificates and allows users to revoke them using the API.

Listing issued certificates

All issued certificates are grouped under the certificate authority, so to query them, you have to provide the certificate authority identifier.

List issued certificates (JavaScript)

import { listIssuedCertificates } from "@vaultie/document-rails";

const response = await listIssuedCertificates(
    client,
    accessToken,
    organizationId,
    certificateAuthorityId,
);

Revoking issued certificates

Certificates are revoked using the certificate authority identifier and the certificate serial number.

Certificate revocation lists are utilized to publish lists of revoked certificates.

Revocation is permanent

Document Rails does not provide an API to revert the revocation process.

Revoke a certificate (JavaScript)

import { revokeIssuedCertificate } from "@vaultie/document-rails";

await revokeIssuedCertificate(
    client,
    accessToken,
    organizationId,
    certificateAuthorityId,
    {
        // Unique certificate serial number in uppercase hex encoding.
        serial_number: "...",
    },
);