POST Monitoring Revocation Test

The POST /Monitoring/Revocation/Test method is used to test email alerts for a single configured revocation monitoring endpointClosed An endpoint is a URL that enables the API to gain access to resources on a server.. This method returns HTTP 200 OK on a success with details about the email message generated for each alert.

Tip:  Alerts are generated when a CRLClosed A Certificate Revocation List (CRL) is a list of digital certificates that have been revoked by the issuing Certificate Authority (CA) before their scheduled expiration date and should no longer be trusted. is expired or in the warning period as defined by the number of days configured in the Email Reminder setting. For example, if you had a CRL that expired on June 30 and configured the email reminder period to 15 days before expiration, the warning status would begin for that CRL on June 15 and CRL alerts would be generated. A warning will also appear for any CRL or OCSP locations that produced an error or couldn’t be resolved.

When alerts are tested or sent on a schedule, corresponding message are also written to the system event log on the server where the Keyfactor Command service runs. For testing, this is true regardless of the setting of the SendAlerts flag. Information is logged to the event log for both locations that are in a good state (e.g. CRL resolves and is not in a warning or expired state or response from OCSP) and locations that are in an error state (e.g. CRL resolves but is in the warning period or expired, CRL is expired, CRL or OCSP location does not resolve).

Tip:  The following permissions (see Security Roles and Claims) are required to use this feature:
/monitoring/alerts/read/
/monitoring/alerts/test/

Table 479: POST Monitoring Revocation Test Input Parameters

Name Description
AlertId Required. An integer indicating the reference ID of revocation monitoring alert to test.
EvaluationDate

Required. A string indicating the evaluation date/time for the test. The date and time should be given using the ISO 8601 UTC time format YYYY-MM-DDTHH:mm:ss.000Z (e.g. 2023-11-19T16:23:01Z).

You can use the date to simulate running the alerts a month from now instead of today, for example, or put in a date far in the future to be sure you pick up some expiring CRLs for testing purposes.
SendAlerts

A Boolean indicating whether to send alert emails with the test (true) or not (false). The default is false.

Table 480: POST Monitoring Revocation Test Response Data

Parameter Description
RevocationMonitoringAlerts

An array of objects containing alert details resulting from the test. ClosedShow revocation monitoring alert details.

Name Description
Subject

A string indicating the email message subject for each alert. The content of this subject is not user configurable.
Message

A string indicating the email message that will be delivered for each alert. The content of this message is not user configurable.
Recipients

An array of strings containing the recipient(s) for the alert.
AlertBuildResult A string indicating the outcome of the test (e.g. Success).
Tip:  See the Keyfactor API Reference and Utility which provides a utility through which the Keyfactor APIClosed A set of functions to allow creation of applications. Keyfactor offers the Keyfactor API, which allows third-party software to integrate with the advanced certificate enrollment and management features of Keyfactor Command. endpoints can be called and results returned. It is intended to be used primarily for validation, testing and workflowClosed A workflow is a series of steps necessary to complete a process. In the context of Keyfactor Command, it refers to the workflow builder, which allows you automate event-driven tasks when a certificate is requested or revoked. development. It also serves secondarily as documentation for the API. The link to the Keyfactor API Reference and Utility is in the dropdown from the help icon () at the top of the Management Portal page next to the Log Out button.