// Copyright (c) 2011 DMTF. All rights reserved. [Version ( "2.29.0" ), ClassConstraint { "/* The constraints below aim to efficiently */ /* represent a singular OctetString. Each of the properties*/ /* is a single encoded string, thus only the first element */ /* needs to be populated. */ inv:self.CreateCertificateSigningRequest.Subject->size()<=1 and self.CreateCertificateSigningRequest.AltSubject->size()<=1 and self.CreateCertificateSigningRequest.CSR->size()=1 and self.CreateSelfSignedCertificate.Subject->size()<=1 and self.CreateSelfSignedCertificate.AltSubject->size()<=1 and self.ImportEncodedCertificates.EncodedCertificates->size()=1 and self.ApplyCRL.EncodedCRL->size()=1 and self.ExportEncodedCertificates.EncodedCertificates->size()=1" }, UMLPackagePath ( "CIM::User::SecurityServices" ), Description ( "CIM_CertificateManagementService is used for managing X509 " "based certificates." )] class CIM_CertificateManagementService : CIM_KeyBasedCredentialManagementService { [Description ( "This method is called to request a Certificate Signing " "Request (CSR) based on the Distinguished Name provided " "through Subject parameter. The CSR utilizes PKCS#10 " "structure as defined in RFC2986. If either Subject " "parameter or AltSubject parameter are NULL, the method " "shall return 2 (Error Occured). If the " "PublicPrivateKeyPair parameter is NULL, then 1) " "PublicKeyAlgorithm shall specify the algorithm to be " "used for the public key, 2) the PublicKeySize shall " "specify the length for the public key in bits. If the " "PublicPrivateKeyPair parameter is NOT NULL then the " "following requirements shall apply: 1) the " "PublicKeyAlgorithm shall be NULL, 2) the PublicKeySize " "shall be NULL, 3) the PublicPrivateKeyPair shall " "reference an instance of CIM_UnsignedCredential " "representing the public/ private key pair to be used for " "the CSR. The OutputFormat parameter shall specify the " "output format of the CSR. If the OutputFormat parameter " "has a value that is not equal to any values in the " "OutputFormatsSupported property on the associated " "CIM_CertificateManagementCapabilities instance, then the " "method shall return 2 (Error Occured). Upon the " "successful execution, the CSR output parameter shall " "contain the CSR in PKCS#10 structure." ), ValueMap { "0", "1", "2", "3", "4", "5", "6", "..", "4096", "4097..32767", "32768..65535" }, Values { "Completed with No Error", "Not Supported", "Error Occured", "Busy", "Invalid Reference", "Invalid Parameter", "Access Denied", "DMTF Reserved", "Job Started", "Method Reserved", "Vendor Specified" }] uint32 CreateCertificateSigningRequest( [IN, Description ( "Subject shall contain information as required by " "section 4.1.2.6 of RFC 3280 and shall be formatted " "based on RFC 4514. An example of the value of the " "Subject parameter could be \"CN=Marshall T. Rose, " "O=Dover Beach Consulting, L=Santa Clara, " "ST=California, C=US\"." ), DN] string Subject, [IN, Description ( "Alternate subject identifier for the Certificate " "as specified by section 4.2.1.8 of RFC 3280." )] string AltSubject, [IN, Description ( "The PublicKeyAlgorithm specifies the algorithm to " "be used for the public key." ), ValueMap { "2", "3", "4", "..", "32768..65535" }, Values { "RSA", "DSA", "ECDSA", "DMTF Reserved", "Vendor Reserved" }] uint16 PublicKeyAlgorithm, [IN, Description ( "The PublicKeySize shall specify the length for the " "public key in bits." ), PUNIT ( "bit" )] uint16 PublicKeySize, [IN, Description ( "The PublicPrivateKeyPair parameter specifies a " "reference to an instance of CIM_UnsignedCredential " "which represents a public private key pair to be " "utilized by the CSR.The CIM_UnsignedCredential " "instance PublicKey and PublicKeyEncoding " "properties shall not be NULL." )] CIM_UnsignedCredential REF PublicPrivateKeyPair, [In, Description ( "The ExtendedKeyUsageValue indicates one or more " "purposes for which the certified public key may be " "used in the type specified by the " "ExtendedKeyUsageType parameter." ), ArrayType ( "Indexed" ), ModelCorrespondence { "CIM_CertificateManagementService.CreateCertificateSigningRequest.ExtendedKeyUsageType" }] string ExtendedKeyUsageValue[], [In, Description ( "Describes the type for ExtendedKeyUsageValue based " "on the ASN.1 GeneralName types." ), ValueMap { "1", "2", "3", "4", "5", "6", "7", "8", "9", "..", "32768..65535" }, Values { "other", "rfc822Name", "dNSName", "x400Address", "directoryName", "ediPartyName", "uniformResourceIdentifier", "iPAddress", "registeredID", "DMTF Reserved", "Vendor Reserved" }, ArrayType ( "Indexed" ), ModelCorrespondence { "CIM_CertificateManagementService.CreateCertificateSigningRequest.ExtendedKeyUsageValue" }] uint16 ExtendedKeyUsageType[], [In, Description ( "The SignatureAlgorithm parameter defines the " "signature algorithm used to sign the " "CertificateRequestInfo as part of the CSR as " "defined in RFC 2986. This parameter covers the " "algorithms specified in the RFC3279." ), ValueMap { "1", "2", "3", "4", "5", "6", "7", "8", "9", "10", "11", "12", "13", "14", "15", "16", "17", "18", "19", "20..32767", "32768..65535" }, Values { "Other", "SHA1withDSA", "SHA1withECDSA", "SHA224withECDSA", "SHA256withECDSA", "SHA384withECDSA", "SHA512withECDSA", "GOST3411withGOST3410", "GOST3411withECGOST3410", "MD2withRSA", "MD5withRSA", "SHA1withRSA", "SHA224withRSA", "SHA256withRSA", "SHA384withRSA", "SHA512withRSA", "RIPEMD160withRSA", "RIPEMD128withRSA", "RIPEMD256withRSA", "DMTF Reserved", "Vendor Reserved" }] uint16 SignatureAlgorithm, [Required, IN, Description ( "The OutputFormat property represents the requested " "format of the Certificate Signing Request." ), ValueMap { "2", "3", "..", "32768..65535" }, Values { "PEM", "DER", "DMTF Reserved", "Vendor Reserved" }] uint16 OutputFormat, [IN ( false ), OUT, Description ( "Contains a reference to the ConcreteJob created to " "track the execution initiated by the method " "invocation. If the method returns 4096 - job " "started, then the parameter shall not have NULL " "value." )] CIM_ConcreteJob REF Job, [Required, IN ( false ), OUT, Description ( "The CSR parameter is an output parameter that upon " "successful exection of this method will contain " "the formated Certificate Signing Request.Only the " "first element of the array property shall be " "populated." ), OctetString] string CSR[]); [Description ( "This method is called to generate to generate a " "self-signed certificate. If either Subject parameter or " "AltSubject parameter are NULL, the method shall return 2 " "(Error Occured). If the PublicPrivateKeyPair parameter " "is NULL, the following numbered requirements shall " "apply: 1) the PublicKeyAlgorithm shall be non-NULL and " "specify the algorithm to be used for the public key, 3) " "the PublicKeySize shall be non-NULL and specify the " "length for the public key in bits. If the " "PublicPrivateKeyPair parameter is not NULL, the " "following numbered requirements shall apply: 1) the " "PublicKeyAlgorithm shall be NULL, 2) the PublicKeySize " "shall be NULL, 3) the PublicPrivateKeyPair shall " "reference an instance of CIM_UnsignedCredential " "representing the public/ private key pair to be used for " "the self signed certificate. Upon successful execution " "the reference to the newly created instance of " "CIM_X509Certificate shall be returned in the " "NewCertificate parameter which represents the " "self-signed certificate with the public/private key pair " "of the size specified by the KeySize parameter. If the " "Keystore parameter is not NULL, this instance shall be " "associated to the instance of CIM_Keystore referenced by " "the Keystore parameter through CIM_MemberOfCollection " "association. If the CredentialContext parameter is not " "NULL, the newly created instance shall be associated " "with the instance of CIM_ManagedElement referenced by " "the CredentialContext parameter through " "CIM_CredentialContext association. If the " "CredentialContext parameter is NULL, the newly created " "instance shall not be associated with the instance of " "CIM_ManagedElement through CIM_CredentialContext " "association." ), ValueMap { "0", "1", "2", "3", "4", "5", "6", "..", "4096", "4097..32767", "32768..65535" }, Values { "Completed with No Error", "Not Supported", "Error Occured", "Busy", "Invalid Reference", "Invalid Parameter", "Access Denied", "DMTF Reserved", "Job Started", "Method Reserved", "Vendor Specified" }] uint32 CreateSelfSignedCertificate( [IN, Description ( "Subject shall contain the information as required " "by section 4.1.2.6 of RFC 3280 and shall be " "formatted based on RFC 4514. An example of the " "value of the Subject parameter could be " "\"CN=Marshall T. Rose, O=Dover Beach Consulting, " "OU=Sales, L=Santa Clara, ST=California, C=US\"." ), DN] string Subject, [IN, Description ( "Alternate subject identifier for the Certificate " "as specified by section 4.2.1.8 of RFC 3280." )] string AltSubject, [IN, Description ( "The PublicKeyAlgorithm specifies the algorithm to " "be used for the public key." ), ValueMap { "2", "3", "4", "..", "32768..65535" }, Values { "RSA", "DSA", "ECDSA", "DMTF Reserved", "Vendor Reserved" }] uint16 PublicKeyAlgorithm, [IN, Description ( "The PublicKeySize shall specify the length for the " "public key in bits. The value shall be of power of " "2." ), PUNIT ( "bit" )] uint16 PublicKeySize, [IN, Description ( "The PublicPrivateKeyPair parameter specifies a " "reference to an instance of CIM_UnsignedCredential " "which represents a public private key pair to be " "utilized by the newly created selef signed " "certificate. The PublicKey and " "PublicKeyEncodingproperties of the instance of " "CIM_UnsignedCredentialshall be Non-NULL." )] CIM_UnsignedCredential REF PublicPrivateKeyPair, [IN, Description ( "The Keystore parameter denotes the reference to " "the instance of CIM_Keystore that represents the " "key store where the new certificate will be added." )] CIM_Keystore REF Keystore, [IN, Description ( "The managed element that represents the user or " "owner or the scoping element of the certificate. " "Such managed element could be the web service that " "owns the certificate or uses it for verification " "or account that the certificate is scoped to." )] CIM_ManagedElement REF CredentialContext, [IN, Description ( "The usage of the certificate by the managed " "element that the certificate is for or is scoped " "to." ), ValueMap { "2", "3", "4", "6", "7", "8", "..", "32768..65535" }, Values { "Owned", "Trusted", "Trusted for Authentication", "Trusted for Authorization", "Trusted for Authentication/Authorization", "Trusted for Third-Party Authentication/Authorization", "DMTF Reserved", "Vendor Reserved" }, ModelCorrespondence { "CIM_CredentialContext.Usage" }] uint16 Usage, [In, Description ( "The SignatureAlgorithm parameter defines the " "signature algorithm used to sign the " "TBSCertificate as defined in RFC 3280. This " "parameter covers the algorithms specified in the " "RFC3279." ), ValueMap { "1", "2", "3", "4", "5", "6", "7", "8", "9", "10", "11", "12", "13", "14", "15", "16", "17", "18", "19", "20..32767", "32768..65535" }, Values { "Other", "SHA1withDSA", "SHA1withECDSA", "SHA224withECDSA", "SHA256withECDSA", "SHA384withECDSA", "SHA512withECDSA", "GOST3411withGOST3410", "GOST3411withECGOST3410", "MD2withRSA", "MD5withRSA", "SHA1withRSA", "SHA224withRSA", "SHA256withRSA", "SHA384withRSA", "SHA512withRSA", "RIPEMD160withRSA", "RIPEMD128withRSA", "RIPEMD256withRSA", "DMTF Reserved", "Vendor Reserved" }] uint16 SignatureAlgorithm, [IN ( false ), OUT, Description ( "Contains a reference to the ConcreteJob created to " "track the execution initiated by the method " "invocation. If the method returns 4096 - job " "started, then the parameter shall not have NULL " "value." )] CIM_ConcreteJob REF Job, [IN ( false ), OUT, Description ( "Reference to the newly created instance of " "CIM_X509Certificate representing the self signed " "certificate." )] CIM_X509Certificate REF SelfSignedCertificate); [Description ( "This method is called to import a certificate or a " "certificate chain using the certificate\'s encoded " "representation. Upon successful execution the array of " "references to the instance(s) of CIM_X509Certificate " "representing the imported certificate or certificate " "chain shall be returned inside the NewCertificates " "output parameter. If the Keystore parameter is not NULL, " "the newly created instance(s) of CIM_X509Certificate " "shall be associated to the instance of the CIM_Keystore " "referenced in the Keystore parameter. If the " "CredentialContext parameter is not NULL, the newly " "created instance(s) of the CIM_X509Certificate shall be " "associated to the insatnces of CIM_ManagedElement " "referenced in the CredentialContext property through the " "CIM_CredentialContext association. If the " "CredentialContext parameter is NULL, the newly created " "instance(s) of the CIM_X509Certificate shall not be " "associated to the insatnces of CIM_ManagedElement " "through the CIM_CredentialContext association." ), ValueMap { "0", "1", "2", "3", "4", "5", "6", "..", "4096", "4097..32767", "32768..65535" }, Values { "Completed with No Error", "Not Supported", "Error Occured", "Busy", "Invalid Reference", "Invalid Parameter", "Access Denied", "DMTF Reserved", "Job Started", "Method Reserved", "Vendor Specified" }] uint32 ImportEncodedCertificates( [Required, IN, Description ( "An array of strings representing octet string of " "an encoded certificate or certificate chain to be " "imported. Only the first element of the array " "property shall be populated, even if a certificate " "chain is imported." ), OctetString] string EncodedCertificates[], [Required, IN, Description ( "The Format shall specify the format for the " "encoding that is used by octet string " "EncodedCertificates parameter." ), ValueMap { "2", "3", "4", "5", "..", "32768..65535" }, Values { "DER", "PEM", "PKCS7", "PKCS12", "DMTF Reserved", "Vendor Reserved" }] uint16 Format, [IN, Description ( "The Keystore parameter denotes the reference to " "the instance of CIM_Keystore that represents the " "key store where the new certificate or certificate " "chain will be added." )] CIM_Keystore REF Keystore, [IN, Description ( "The managed element that represents the user or " "owner or the scoping element of the " "certificate(s). Such managed element could be the " "web service that owns the certificate(s) or uses " "it for verification or account that the " "certificate is scoped to." )] CIM_ManagedElement REF CredentialContext, [IN, Description ( "The usage of the certificate by the managed " "element that the certificate is for or is scoped " "to. If a certificate chain is imported, the " "sequence of elements in the Usage array shall " "correspond to the sequence of the certificates in " "the EncodedCertificates octet string parameter." ), ValueMap { "2", "3", "4", "6", "7", "8", "..", "32768..65535" }, Values { "Owned", "Trusted", "Trusted for Authentication", "Trusted for Authorization", "Trusted for Authentication/Authorization", "Trusted for Third-Party Authentication/Authorization", "DMTF Reserved", "Vendor Reserved" }, ArrayType ( "Indexed" ), ModelCorrespondence { "CIM_CredentialContext.Usage", "CIM_CertificateManagementService.ImportEncodedCertificates.NewCertificates" }] uint16 Usage[], [IN ( false ), OUT, Description ( "Contains a reference to the ConcreteJob created to " "track the execution initiated by the method " "invocation. If the method returns 4096 - job " "started, then the parameter shall not have NULL " "value." )] CIM_ConcreteJob REF Job, [Required, IN ( false ), OUT, Description ( "Reference to the newly created instance of " "CIM_X509Certificate representing the imported " "certificate or certificate chain." ), ArrayType ( "Indexed" ), ModelCorrespondence { "CIM_CertificateManagementService.ImportEncodedCertificates.Usage" }] CIM_X509Certificate REF NewCertificates[]); [Description ( "This method is called to import a certificate or a " "certificate chain using an array of embedded instance of " "CIM_X509Certificate. Upon successful execution the array " "of references to the instance(s) of CIM_X509Certificate " "representing the imported certificate or certificate " "chain shall be returned by the NewCertificates output " "parameter. If the Keystore parameter is not NULL, the " "newly created instance(s) of CIM_X509Certificate shall " "be associated to the instance of the CIM_Keystore " "referenced in the Keystore parameter. If the " "CredentialContext parameter is not NULL, the newly " "created instance(s) of the CIM_X509Certificate shall be " "associated to the insatnces of CIM_ManagedElement " "referenced in the CredentialContext property through the " "CIM_CredentialContext association.If the " "CredentialContext parameter is NULL, the newly created " "instance(s) of the CIM_X509Certificate shall not be " "associated to the insatnces of CIM_ManagedElement " "through the CIM_CredentialContext association." ), ValueMap { "0", "1", "2", "3", "4", "5", "6", "..", "4096", "4097..32767", "32768..65535" }, Values { "Completed with No Error", "Not Supported", "Error Occured", "Busy", "Invalid Reference", "Invalid Parameter", "Access Denied", "DMTF Reserved", "Job Started", "Method Reserved", "Vendor Specified" }] uint32 ImportCertificates( [Required, IN, Description ( "An array of embedded instance(s) of " "CIM_X509Certificate that contains the necessary " "information to import a certificate or a " "certificate chain." ), EmbeddedInstance ( "CIM_X509Certificate" )] string InputCertificates[], [IN, Description ( "The Keystore parameter denotes the reference to " "the instance of CIM_Keystore that represents the " "key store where the new certificate or certificate " "chain will be added." )] CIM_Keystore REF Keystore, [IN, Description ( "The managed element that represents the user or " "owner or the scoping element of the " "certificate(s). Such managed element could be the " "web service that owns the certificate(s) or uses " "it for verification or account that the " "certificate is scoped to." )] CIM_ManagedElement REF CredentialContext, [IN, Description ( "The usage of the certificate by the managed " "element that the certificate is for or is scoped " "to. If a certificate chain is imported, the " "sequence of elements in the Usage array shall " "correspond to the sequence of the certificates in " "the InputCertificates array parameter." ), ValueMap { "2", "3", "4", "6", "7", "8", "..", "32768..65535" }, Values { "Owned", "Trusted", "Trusted for Authentication", "Trusted for Authorization", "Trusted for Authentication/Authorization", "Trusted for Third-Party Authentication/Authorization", "DMTF Reserved", "Vendor Reserved" }, ArrayType ( "Indexed" ), ModelCorrespondence { "CIM_CredentialContext.Usage", "CIM_CertificateManagementService.ImportCertificates.InputCertificates", "CIM_CertificateManagementService.ImportCertificates.Usage" }] uint16 Usage[], [IN ( false ), OUT, Description ( "Contains a reference to the ConcreteJob created to " "track the execution initiated by the method " "invocation. If the method returns 4096 - job " "started, then the parameter shall not have NULL " "value." )] CIM_ConcreteJob REF Job, [Required, IN ( false ), OUT, Description ( "Reference to the newly created instance of " "CIM_X509Certificate representing the imported " "certificate or certificate chain." )] CIM_X509Certificate REF NewCertificates[]); [Description ( "This method is called to export a certificate or a " "certificate chain using the certificate\'s encoded " "representation. Upon successful execution the array of " "unsigned integers representing octet string of the " "exported certificate or certificate chain shall be " "returned inside the EncodedCertificates output parameter " "based on the encoding specified in the EncodingFormat " "parameter." ), ValueMap { "0", "1", "2", "3", "4", "5", "6", "..", "4096", "4097..32767", "32768..65535" }, Values { "Completed with No Error", "Not Supported", "Error Occured", "Busy", "Invalid Reference", "Invalid Parameter", "Access Denied", "DMTF Reserved", "Job Started", "Method Reserved", "Vendor Specified" }] uint32 ExportEncodedCertificates( [Required, IN, Description ( "Reference to the instance(s) of " "CIM_SignedCredential representing the certificate " "or certificate chain to be exported." )] CIM_X509Certificate REF CertificatesToExport[], [Required, IN, Description ( "The Format parameter specifies the format of the " "octet string EncodedCertificates parameter." ), ValueMap { "2", "3", "4", "5", "..", "32768..65535" }, Values { "DER", "Base64", "PKCS7", "PKCS12", "DMTF Reserved", "Vendor Reserved" }] uint16 Format, [IN ( false ), OUT, Description ( "Contains a reference to the ConcreteJob created to " "track the execution initiated by the method " "invocation. If the method returns 4096 - job " "started, then the parameter shall not have NULL " "value." )] CIM_ConcreteJob REF Job, [Required, IN ( false ), OUT, Description ( "An array of strings representing octet string of " "an exported encoded certificate or certificate " "chain. Only the first element of the array " "property shall be populated, even if a certificate " "chain is exported." ), OctetString] string EncodedCertificates[]); [Description ( "This method is called to apply Certificate Revocation " "List (CRL) using an encoded format. Upon successful " "execution the references to the instance(s) of " "CIM_X509CRL representing the applied CRL shall be " "returned inside the AppliedCRL output parameter. If the " "Keystore parameter is not NULL, the newly created " "instance(s) of CIM_X509CRL shall be associated to the " "instance of the CIM_Keystore referenced in the Keystore " "parameter. The newly created instance(s) of the " "CIM_X509CRL shall be associated to the insatnces of " "CIM_ManagedElement referenced in the CredentialContext " "property through the CIM_CredentialContext association." ), ValueMap { "0", "1", "2", "3", "4", "5", "6", "..", "4096", "4097..32767", "32768..65535" }, Values { "Completed with No Error", "Not Supported", "Error Occured", "Busy", "Invalid Reference", "Invalid Parameter", "Access Denied", "DMTF Reserved", "Job Started", "Method Reserved", "Vendor Specified" }] uint32 ApplyCRL( [Required, IN, Description ( "An array of unsigned integers representing octet " "string of an encoded CRL to be applied. Only the " "first element of the array property shall be " "populated." ), OctetString] string EncodedCRL[], [Required, IN, Description ( "The Format shall specify the format for the " "encoding that is used by octet string EncodedCRL " "parameter." ), ValueMap { "2", "3", "4", "5", "..", "32768..65535" }, Values { "DER", "PEM", "PKCS7", "PKCS12", "DMTF Reserved", "Vendor Reserved" }] uint16 Format, [IN, Description ( "The Keystore parameter denotes the reference to " "the instance of CIM_Keystore that represents the " "key store where the CRL will be applied." )] CIM_Keystore REF Keystore, [Required, IN, Description ( "The managed element that represents the service or " "the managed element for which the certificates " "were revoked by the application of the CRL." )] CIM_ManagedElement REF CredentialContext, [IN ( false ), OUT, Description ( "Contains a reference to the ConcreteJob created to " "track the execution initiated by the method " "invocation. If the method returns 4096 - job " "started, then the parameter shall not have NULL " "value." )] CIM_ConcreteJob REF Job, [Required, IN ( false ), OUT, Description ( "Reference to the newly created instance of " "CIM_X509CRL representing the applied CRL." )] CIM_X509CRL REF AppliedCRL); [Description ( "This method is called to apply Certificate Revocation " "List (CRL) using the decoded format. Upon successful " "execution the references to the instance(s) of " "CIM_X509CRL representing the applied CRL shall be " "returned inside the AppliedCRL output parameter. If the " "Keystore parameter is not NULL, the newly created " "instance(s) of CIM_X509CRL shall be associated to the " "instance of the CIM_Keystore referenced in the Keystore " "parameter. The newly created instance(s) of the " "CIM_X509CRL shall be associated to the insatnces of " "CIM_ManagedElement referenced in the CredentialContext " "property through the CIM_CredentialContext association." ), ValueMap { "0", "1", "2", "3", "4", "5", "6", "..", "4096", "4097..32767", "32768..65535" }, Values { "Completed with No Error", "Not Supported", "Error Occured", "Busy", "Invalid Reference", "Invalid Parameter", "Access Denied", "DMTF Reserved", "Job Started", "Method Reserved", "Vendor Specified" }] uint32 ApplyDecodedCRL( [Required, IN, Description ( "Issuer represents the information about the issuer " "of the CRL. The Issuer property shall contain " "information as required by section 4.1.2.4 of RFC " "3280 and shall be formatted based on RFC 4514. An " "example of the value of the Subject parameter " "could be \"CN=Marshall T. Rose, O=Dover Beach " "Consulting, OU=Sales, L=Santa Clara, " "ST=California, C=US\"." ), DN] string Issuer, [Required, IN, Description ( "An array of serial numbers of X.509 certificates " "that are part of CRL." ), OctetString] string SerialNumbers[], [IN, Description ( "The Keystore parameter denotes the reference to " "the instance of CIM_Keystore that represents the " "key store where the CRL will be applied." )] CIM_Keystore REF Keystore, [Required, IN, Description ( "The managed element that represents the service or " "the managed element for which the certificates " "were revoked by the application of the CRL." )] CIM_ManagedElement REF CredentialContext, [IN ( false ), OUT, Description ( "Contains a reference to the ConcreteJob created to " "track the execution initiated by the method " "invocation. If the method returns 4096 - job " "started, then the parameter shall not have NULL " "value." )] CIM_ConcreteJob REF Job, [Required, IN ( false ), OUT, Description ( "Reference to the newly created instance of " "CIM_X509CRL representing the applied CRL." )] CIM_X509CRL REF AppliedCRL); };