Merge pull request #10 from Keyfactor/revocation

dgaley · web-flow · commit cf43fa4888bb · 2025-06-23T14:58:32.000-04:00
Revocation
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -3,4 +3,7 @@ Inital Release.  Support for Enroll, Sync, and Revocation.
 
 1.0.1  
 Bugfix - sync records with null serial    
-Bugfix - Fix for custom fields in enrollment  
+Bugfix - Fix for custom fields in enrollment  
+
+1.0.2  
+Handle change to Sectigo API Revocation call  
diff --git a/sectigo-scm-caplugin/Client/SectigoClient.cs b/sectigo-scm-caplugin/Client/SectigoClient.cs
@@ -140,10 +140,11 @@ public async Task<List<Certificate>> PageCertificates(int position = 0, int size
 			return await ProcessResponse<List<Certificate>>(response);
 		}
 
-		public async Task<bool> RevokeSslCertificateById(int sslId, string revreason)
+		public async Task<bool> RevokeSslCertificateById(int sslId, int revcode, string revreason)
 		{
 			JObject o = JObject.FromObject(new
 			{
+				reasonCode = revcode,
 				reason = revreason
 			});
 			var response = await RestClient.PostAsJsonAsync($"api/ssl/v1/revoke/{sslId}", o);
diff --git a/sectigo-scm-caplugin/SectigoCAPlugin.cs b/sectigo-scm-caplugin/SectigoCAPlugin.cs
@@ -462,7 +462,7 @@ public async Task<int> Revoke(string caRequestID, string hexSerialNumber, uint r
 			try
 			{
 				var client = SectigoClient.InitializeClient(_config);
-				var response = Task.Run(async () => await client.RevokeSslCertificateById(int.Parse(caRequestID), RevokeReasonToString(revocationReason))).Result;
+				var response = Task.Run(async () => await client.RevokeSslCertificateById(int.Parse(caRequestID), (int)revocationReason, RevokeReasonToString(revocationReason))).Result;
 
 				_logger.MethodExit(LogLevel.Debug);
 				if (response)//will throw an exception if false
@@ -874,26 +874,18 @@ public static string RevokeReasonToString(UInt32 revokeType)
 		{
 			switch (revokeType)
 			{
+				case 0:
+					return "Unspecified";
 				case 1:
 					return "Compromised Key";
-
-				case 2:
-					return "CA Compromised";
-
 				case 3:
 					return "Affiliation Changed";
-
 				case 4:
 					return "Superseded";
-
 				case 5:
 					return "Cessation of Operation";
-
-				case 6:
-					return "Certificate Hold";
-
 				default:
-					return "Unspecified";
+					throw new Exception($"Invalid revocation code: {revokeType.ToString()}. Valid values are 0,1,3-5");
 			}
 		}
 	}

Original file line number	Diff line number	Diff line change
`@@ -140,10 +140,11 @@ public async Task<List<Certificate>> PageCertificates(int position = 0, int size`
`140`	`140`	`return await ProcessResponse<List<Certificate>>(response);`
`141`	`141`	`}`
`142`	`142`
`143`		`- public async Task<bool> RevokeSslCertificateById(int sslId, string revreason)`
	`143`	`+ public async Task<bool> RevokeSslCertificateById(int sslId, int revcode, string revreason)`
`144`	`144`	`{`
`145`	`145`	`JObject o = JObject.FromObject(new`
`146`	`146`	`{`
	`147`	`+ reasonCode = revcode,`
`147`	`148`	`reason = revreason`
`148`	`149`	`});`
`149`	`150`	`var response = await RestClient.PostAsJsonAsync($"api/ssl/v1/revoke/{sslId}", o);`