Remove User Certificate (QSYRMVUC, QsyRemoveUserCertificate) API


  Required Parameter Group for QSYRMVUC:

1 User profile Input Char(*)
2 Certificate Input Char(*)
3 Type Input Binary(4)
4 Length of certificate Input Binary(4)
5 Error code I/O Char(*)

  Default Public Authority: *USE

  Threadsafe: Yes



  Syntax for QsyRemoveUserCertificate:
 #include <qsydigid.h>

 void QsyRemoveUserCertificate(
                    void    *User_profile,
                    char    *Certificate,
                    int      Type,
                    int      Length_of_certificate,
                    void    *Error_code);
  Service Program: QSYDIGID

  Default Public Authority: *USE

  Threadsafe: Yes

The Remove User Certificate (OPM, QSYRMVUC; ILE, QsyRemoveUserCertificate) API removes a certificate from an IBM i user profile.


Authorities and Locks

User Profile Authority
If the user profile specified is not the current user for the job, the caller of this API must have *SECADM special authority and *USE and *OBJMGT authorities to the specified user profile.
If an EIM identifier is specified for the user profile name, the caller of this API must have *SECADM and *ALLOBJ special authority

Required Parameter Group

User profile
INPUT; CHAR(*)

The name of the user profile or the Enterprise Identity Mapping (EIM) identifier that holds the certificate. The following are valid selections:

*CURRENT The user profile that is currently running. The value must be 10 characters, blank padded.
user profile The name of the user profile. The value must be 10 characters, blank padded.
EIM identifier To specify an EIM identifier for this parameter, the data must have the following format:
char(8) The special value *EIMID.
binary(4) The hex length of the EIM identifier.
char(*) The EIM identifier.

Certificate
INPUT; CHAR(*)

The certificate or handle of the certificate that identifies the entire certificate that is to be removed. This is not a text string.

Type
INPUT; BINARY(4)

The type that identifies the contents in the certificate field.

The possible types are:

1 Entire X.509 public key certificate in Abstract Syntax Notation 1 Distinguished Encoding Rules (ASN.1 DER) encoding.
2 Certificate handle for X.509 certificate.
3 Base 64 encoded version of the entire X.509 public key certificate in ASN.1 DER encoding. Note that the characters of the Base 64 encoding are the ASCII representation and not the EBCDIC representation.

Length of certificate
INPUT; BINARY(4)

The length of the certificate or handle of the certificate that was specified.

Error code
I/O; CHAR(*)

The structure in which to return error information. For the format of the structure, see Error code parameter.


Error Messages

Message ID Error Message Text
CPFA0AA E Error occurred while attempting to obtain space.
CPF1F41 E Severe error occurred while addressing parameter list.
CPF2204 E User profile &1 not found.
CPF2213 E Not able to allocate user profile &1.
CPF2217 E Not authorized to user profile &1.
CPF222E E &1 special authority is required.
CPF2222 E Storage limit is greater than specified for user profile &1.
CPF227A E Certificate type is not valid.
CPF227B E Certificate is not correct for the specified type.
CPF227D E Certificate is not found.
CPF3BFF E Required option &1 is not available.
CPF3CF1 E Error code parameter not valid.
CPF3CF2 E Error(s) occurred during running of &1 API.
CPF3C1D E Length specified in parameter &1 not valid.
CPF3C1E E Required parameter &1 omitted.
CPF3C36 E Number of parameters, &1, entered for this API was not valid.
CPF3C90 E Literal value cannot be changed.
CPF4AB9 E User certificate function not successful.
CPF9872 E Program or service program &1 in library &2 ended. Reason code &3.

API introduced: V4R2

[ Back to top | Security APIs | APIs by category ]