Method to Revoke Software Certificate Profiles in the FIMCM API?


  • Is there a method to revoke software/user certificate profiles via the APIs for FIMCM (CLM)?

    There is an API method (externalSubmitDisableRequest) for smart-card profiles - but one of its inputs is the smart-card serial number - which doesnt apply to non smart-card certificate profiles.

    Tuesday, December 20, 2011 9:42 PM

All replies

  • I also considered trying the RequestOperations.InitiateRetire method from Microsoft.CLM.Provision - but instead of taking a user uuid and profile uuid (as I hoped it would), it requires an actual Smartcard object as an input.
    Tuesday, December 20, 2011 10:25 PM
  • You will have to use the provisioning API to write your own procedures.


    Wednesday, December 21, 2011 1:18 PM
  • Brian,

    I dont immediately see where I can extend the calls of the Microsoft.CLM.Provision namespace.  Can you point me at something I am missing?

    If there were even a way to call a method that would update the status of a profile (to disabled) - I could then revoke the linked cert at the CA and then update FIMCM.  As it stands, I am tempted to try just flipping the status flag on the profile directly in the DB.


    Wednesday, December 21, 2011 5:19 PM
  • Did anyone find a solution for this? I have exactly the same problem. I can use the Microsoft.Clm.Provision.RequestOperations and Microsoft.Clm.Provision.ExecuteOperations classes to retire a smartcard. However there does not seem to be a method to revoke Profiles (soft tokens).


    Monday, November 19, 2012 12:11 PM