@@ -925,7 +925,7 @@ The certificate is immutable. It can only be revoked by either the owner or a qu
925925 - no existing certificate with the same ` <Certificate's Issuer>:<Certificate's Serial Number> ` combination.
926926 - if certificates with the same ` <Certificate's Subject>:<Certificate's Subject Key ID> ` combination already exist:
927927 - the existing certificate must not be NOC certificate
928- - the sender's VID must match the vid field of the existing certificates.
928+ - the sender's VID must match the ` vid ` field of the existing certificates.
929929 - the signature (self-signature) and expiration date are valid.
930930 - parent certificate must be already stored on the ledger and a valid chain to some root certificate can be built.
931931
@@ -942,11 +942,10 @@ If a Revocation Distribution Point needs to be published (such as RFC5280 Certif
942942
943943If ` revoke-child ` flag is set to ` true ` then all the certificates in the chain signed by the revoked certificate will be revoked as well.
944944
945- Only the owner (sender) can revoke the certificate.
946945Root certificates can not be revoked this way, use ` PROPOSE_X509_CERT_REVOC ` and ` APPROVE_X509_ROOT_CERT_REVOC ` instead.
947946
948947- Who can send: Vendor account
949- - the sender's VID must match the vid field of the revoking certificates.
948+ - the sender's VID must match the ` vid ` field of the revoking certificates.
950949- Parameters:
951950 - subject: ` string ` - certificates's ` Subject ` is base64 encoded subject DER sequence bytes
952951 - subject_key_id: ` string ` - certificates's ` Subject Key Id ` in hex string format, e.g: ` 5A:88:0E:6C:36:53:D0:7F:B0:89:71:A3:F4:73:79:09:30:E6:2B:DB `
@@ -964,17 +963,14 @@ Root certificates can not be revoked this way, use `PROPOSE_X509_CERT_REVOC` an
964963
965964Removes the given X509 certificate (either intermediate or leaf) from approved and revoked certificates list.
966965
967- Only the owner (sender) can remove the certificate.
968966Root certificates can not be removed this way.
969967
970968- Who can send: Vendor account
971- - the sender's VID must match the vid field of the removing certificates.
969+ - the sender's VID must match the ` vid ` field of the removing certificates.
972970- Parameters:
973971 - subject: ` string ` - certificates's ` Subject ` is base64 encoded subject DER sequence bytes
974972 - subject_key_id: ` string ` - certificates's ` Subject Key Id ` in hex string format, e.g: ` 5A:88:0E:6C:36:53:D0:7F:B0:89:71:A3:F4:73:79:09:30:E6:2B:DB `
975973 - serial-number: ` optional(string) ` - certificate's serial number
976- - Who can send:
977- - Any role; owner
978974- CLI command:
979975 - ` dcld tx pki remove-x509-cert --subject=<base64 string> --subject-key-id=<hex string> --from=<account> `
980976
@@ -1145,7 +1141,7 @@ This transaction adds a NOC root certificate owned by the Vendor.
11451141 - no existing certificate with the same ` <Certificate's Issuer>:<Certificate's Serial Number> ` combination.
11461142 - if certificates with the same ` <Certificate's Subject>:<Certificate's Subject Key ID> ` combination already exist:
11471143 - the existing certificate must be NOC root certificate
1148- - the sender's VID must match the vid field of the existing certificates.
1144+ - the sender's VID must match the ` vid ` field of the existing certificates.
11491145 - the signature (self-signature) and expiration date must be valid.
11501146- Parameters:
11511147 - cert: ` string ` - The NOC Root Certificate, encoded in X.509v3 PEM format. Can be a PEM string or a file path.
0 commit comments