@Override
public void revokeCa(String caName, CertRevocationInfo revocationInfo) throws CaMgmtException {
caName = Args.toNonBlankLower(caName, "caName");
Args.notNull(revocationInfo, "revocationInfo");
asssertMasterMode();
if (!x509cas.containsKey(caName)) {
throw new CaMgmtException(concat("unkown CA ", caName));
}
LOG.info("revoking CA '{}'", caName);
X509Ca ca = x509cas.get(caName);
CertRevocationInfo currentRevInfo = ca.getCaInfo().getRevocationInfo();
if (currentRevInfo != null) {
CrlReason currentReason = currentRevInfo.getReason();
if (currentReason != CrlReason.CERTIFICATE_HOLD) {
throw new CaMgmtException(concat("CA ", caName, " has been revoked with reason ",
currentReason.name()));
}
}
queryExecutor.revokeCa(caName, revocationInfo);
try {
ca.revokeCa(revocationInfo, CaAuditConstants.MSGID_ca_mgmt);
} catch (OperationException ex) {
throw new CaMgmtException(concat("could not revoke CA ", ex.getMessage()), ex);
}
LOG.info("revoked CA '{}'", caName);
auditLogPciEvent(true, concat("REVOKE CA ", caName));
}