<div dir="ltr"><pre style="background-color:rgb(255,255,255);color:rgb(0,0,0);font-family:"DejaVu Sans Mono"">I try to revoke certificate from code I got exception with info about nonce. </pre><pre style="background-color:rgb(255,255,255);color:rgb(0,0,0);font-family:"DejaVu Sans Mono""></pre><blockquote>public void revokeAndApprove(int certificateId) { CertId certId = new CertId(certificateId); long nonce = new Random().nextLong(); CertRevokeRequest revokeRequest = new CertRevokeRequest(); revokeRequest.setReason(RevocationReason.KEY_COMPROMISE); revokeRequest.setComments("user request revoke"); revokeRequest.setNonce(nonce); CertRequestInfo revokeInfo = certClient.revokeCert(certId, revokeRequest);// here comes an exception CertReviewResponse reviewData = certClient.reviewRequest(revokeInfo.getRequestId()); reviewData.setNonce(""+nonce); log(reviewData.toString()); reviewData.setRequestNotes("revoke approved"); certClient.approveRequest(reviewData.getRequestId(), reviewData); } </blockquote><pre style="background-color:rgb(255,255,255);color:rgb(0,0,0);font-family:"DejaVu Sans Mono""> </pre><blockquote style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex" class="gmail_quote"><pre style="background-color:rgb(255,255,255);color:rgb(0,0,0);font-family:"DejaVu Sans Mono"">when I use this I get exception on line(certClient.revokeCert(...)) </pre></blockquote><blockquote> com.netscape.certsrv.base.BadRequestException: Nonce for cert-revoke 64 does not exist. at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) at java.lang.reflect.Constructor.newInstance(Constructor.java:422) at com.netscape.certsrv.client.PKIConnection.getEntity(PKIConnection.java:436) at com.netscape.certsrv.client.PKIClient.getEntity(PKIClient.java:112) at com.netscape.certsrv.cert.CertClient.revokeCert(CertClient.java:75) at com.company.CAManager.revokeAndApprove(CAManager.java:186) </blockquote><pre style="background-color:rgb(255,255,255);color:rgb(0,0,0);font-family:"DejaVu Sans Mono""> </pre><pre style="background-color:rgb(255,255,255);color:rgb(0,0,0);font-family:"DejaVu Sans Mono"">and few other options I'v tried </pre><blockquote style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex" class="gmail_quote"><pre style="background-color:rgb(255,255,255);color:rgb(0,0,0);font-family:"DejaVu Sans Mono"">1. Long nonce = transportCert.getNonce(); // null</pre></blockquote><div></div><blockquote style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex" class="gmail_quote"><pre style="background-color:rgb(255,255,255);color:rgb(0,0,0);font-family:"DejaVu Sans Mono"">2. Long nonce = certClient.getCert(certId).getNonce() //also a null </pre></blockquote><pre style="background-color:rgb(255,255,255);color:rgb(0,0,0);font-family:"DejaVu Sans Mono""> </pre><pre style="background-color:rgb(255,255,255);color:rgb(0,0,0);font-family:"DejaVu Sans Mono"">puting null to setNonce, or not setting it at all give me: </pre><blockquote style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex" class="gmail_quote">com.netscape.certsrv.base.BadRequestException: Missing nonce. at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) at java.lang.reflect.Constructor.newInstance(Constructor.java:422) at com.netscape.certsrv.client.PKIConnection.getEntity(PKIConnection.java:436) at com.netscape.certsrv.client.PKIClient.getEntity(PKIClient.java:112) at com.netscape.certsrv.cert.CertClient.revokeCert(CertClient.java:75) at com.company.CAManager.revokeAndApprove(CAManager.java:187) at com.company.Main.main(Main.java:21) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:497) at com.intellij.rt.execution.application.AppMain.main(AppMain.java:140) </blockquote><pre style="background-color:rgb(255,255,255);color:rgb(0,0,0);font-family:"DejaVu Sans Mono""> </pre><pre style="background-color:rgb(255,255,255);color:rgb(0,0,0);font-family:"DejaVu Sans Mono"">I check browser form from enduser entity and nonce value looks like this:"certId:someLongRandomNumber" </pre><pre style="background-color:rgb(255,255,255);color:rgb(0,0,0);font-family:"DejaVu Sans Mono"">Am I not understanding usage of nonce or something in my code is wrong? </pre></div>