signer / Client / get_revocation_status
get_revocation_status#
- signer.Client.get_revocation_status(**kwargs)#
Retrieves the revocation status of one or more of the signing profile, signing job, and signing certificate.
See also: AWS API Documentation
Request Syntax
response = client.get_revocation_status( signatureTimestamp=datetime(2015, 1, 1), platformId='string', profileVersionArn='string', jobArn='string', certificateHashes=[ 'string', ] )
- Parameters:
signatureTimestamp (datetime) –
[REQUIRED]
The timestamp of the signature that validates the profile or job.
platformId (string) –
[REQUIRED]
The ID of a signing platform.
profileVersionArn (string) –
[REQUIRED]
The version of a signing profile.
jobArn (string) –
[REQUIRED]
The ARN of a signing job.
certificateHashes (list) –
[REQUIRED]
A list of composite signed hashes that identify certificates.
A certificate identifier consists of a subject certificate TBS hash (signed by the parent CA) combined with a parent CA TBS hash (signed by the parent CA’s CA). Root certificates are defined as their own CA.
The following example shows how to calculate a hash for this parameter using OpenSSL commands:
openssl asn1parse -in childCert.pem -strparse 4 -out childCert.tbs
openssl sha384 < childCert.tbs -binary > childCertTbsHash
openssl asn1parse -in parentCert.pem -strparse 4 -out parentCert.tbs
openssl sha384 < parentCert.tbs -binary > parentCertTbsHash xxd -p childCertTbsHash > certificateHash.hex xxd -p parentCertTbsHash >> certificateHash.hex
cat certificateHash.hex | tr -d '\n'
(string) –
- Return type:
dict
- Returns:
Response Syntax
{ 'revokedEntities': [ 'string', ] }
Response Structure
(dict) –
revokedEntities (list) –
A list of revoked entities (including zero or more of the signing profile ARN, signing job ARN, and certificate hashes) supplied as input to the API.
(string) –
Exceptions