:doc:`signer <../../signer>` / Client / get_revocation_status

*********************
get_revocation_status
*********************



.. py:method:: signer.Client.get_revocation_status(**kwargs)

  

  Retrieves the revocation status of one or more of the signing profile, signing job, and signing certificate.

  

  See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/signer-2017-08-25/GetRevocationStatus>`_  


  **Request Syntax**
  ::

    response = client.get_revocation_status(
        signatureTimestamp=datetime(2015, 1, 1),
        platformId='string',
        profileVersionArn='string',
        jobArn='string',
        certificateHashes=[
            'string',
        ]
    )
    
  :type signatureTimestamp: datetime
  :param signatureTimestamp: **[REQUIRED]** 

    The timestamp of the signature that validates the profile or job.

    

  
  :type platformId: string
  :param platformId: **[REQUIRED]** 

    The ID of a signing platform.

    

  
  :type profileVersionArn: string
  :param profileVersionArn: **[REQUIRED]** 

    The version of a signing profile.

    

  
  :type jobArn: string
  :param jobArn: **[REQUIRED]** 

    The ARN of a signing job.

    

  
  :type certificateHashes: list
  :param certificateHashes: **[REQUIRED]** 

    A list of composite signed hashes that identify certificates.

     

    A certificate identifier consists of a subject certificate TBS hash (signed by the parent CA) combined with a parent CA TBS hash (signed by the parent CA’s CA). Root certificates are defined as their own CA.

     

    The following example shows how to calculate a hash for this parameter using OpenSSL commands:

     

    ``openssl asn1parse -in childCert.pem -strparse 4 -out childCert.tbs``

     

    ``openssl sha384 < childCert.tbs -binary > childCertTbsHash``

     

    ``openssl asn1parse -in parentCert.pem -strparse 4 -out parentCert.tbs``

     

    ``openssl sha384 < parentCert.tbs -binary > parentCertTbsHash xxd -p childCertTbsHash > certificateHash.hex xxd -p parentCertTbsHash >> certificateHash.hex``

     

    ``cat certificateHash.hex | tr -d '\n'``

    

  
    - *(string) --* 

    

  
  :rtype: dict
  :returns: 
    
    **Response Syntax**

    
    ::

      {
          'revokedEntities': [
              'string',
          ]
      }
      
    **Response Structure**

    

    - *(dict) --* 
      

      - **revokedEntities** *(list) --* 

        A list of revoked entities (including zero or more of the signing profile ARN, signing job ARN, and certificate hashes) supplied as input to the API.

        
        

        - *(string) --* 
    
  
  **Exceptions**
  
  *   :py:class:`signer.Client.exceptions.ValidationException`

  
  *   :py:class:`signer.Client.exceptions.AccessDeniedException`

  
  *   :py:class:`signer.Client.exceptions.TooManyRequestsException`

  
  *   :py:class:`signer.Client.exceptions.InternalServiceErrorException`

  