...
Method | Endpoint | Parameter | Returned values | ||||||
---|---|---|---|---|---|---|---|---|---|
Name | Is required? | Transfer method | Description | Name | Always returned? | Transfer method | Description | ||
GET | /v1/certificate/{caName} | CA name | Yes | Path parameter | Name of Certificate Authority which should sign sent CSR. Must match CertService's CMPv2 servers configuration. | Error message | No, only if error occurred on server side | Body (JSON) | Verbose information what wrong happened on server side. |
Base64 encoded CSR (Certificate Signing Request) | Yes | Header | Certificate Signing Request for given component | Certificate chain | No, only in success case. | Body (JSON) | Base64 encoded | ||
Base64 encoded private key | Yes | Header | Private key. Needed to create proof of possession (PoP) | Trusted certificates | No, only in success case. | Body (JSON) | Base64 encoded |
Return HTTP codes:
HTTP code | Description |
---|---|
200 (OK) | Everything is ok. Certificate chain and trusted certificates returned |
400 (Bad Request) | Incorrect/missing CSR and/or private key |
401 (Unauthorized) | Missing client certificate or presented certificate is not trusted |
404 (Not found) | Invalid CA name in REST API call or wrong endpoint called |
500 (Internal Server Error) | In case of exception on server side. |
...
As the successful result of running CertService's client (exitCode = 0) following artifacts are created:
Name | Description | |
---|---|---|
keystore.jks | Keystore with certificate chain. Protected by random generated password. | |
keystore.pass | File with password to keystore | |
truststore.jks | Truststore with all trusted certificates. Protected by random generated password. | |
truststore.pass | File with password to truststore |
In case of error CertService's client returns other exit codes (errorCode != 0).
...