Register a new certificate authority

Body required

application/json

Certificate authority to register

certificate

string required

name

string required

trustedForClientAuthentication

boolean required

trustedForServerAuthentication

boolean required

outdatedRevocationStatusPolicy

string required

Enum revoked unknown lastavailablestatus

public

boolean required

subjectKeyIdentifier

string | null

responderUrl

string | null

crlUrl

string | null

refresh

string | null (FiniteDuration)

timeout

string | null (FiniteDuration)

proxy

string | null

cacheTimeToIdle

string | null (FiniteDuration)

downloadable

boolean

identifierMapping

string (TemplateString)

A template string to apply to determine the principal identifier when a certificate from this CA is used for client authentication

nameMapping

string (TemplateString)

A template string to apply to determine the principal name when a certificate from this CA is used for client authentication

emailMapping

string (TemplateString)

A template string to apply to determine the principal email when a certificate from this CA is used for client authentication

Responses

201 Certificate authority successfully registered

_id

string (Internal ID) required

Object internal ID

certificate

object (CFCertificate) required

string required

The certificate's Distinguished Name

dnElements

array of object (CFDistinguishedName) required

Array [

type

string required

value

string required

]

issuerDn

string required

The certificate's issuer Distinguished Name

notBefore

integer required

The certificate's start date in milliseconds since the epoch

notAfter

integer required

The certificate's expiration date in milliseconds since the epoch

keyType

string (Keytype) required

The certificate's key type

signingAlgorithm

string required

The certificate's signing algorithm

pem

string required

The certificate's PEM-encoded content

subjectKeyIdentifier

string required

certificateThumbprint

string required

The certificate's thumbprint

certificateSHAOneThumbprint

string required

The thumbprint of the certificate using SHAOne algorithm

publicKeyThumbprint

string required

The certificate's public key thumbprint

keyUsages

array of string required

The certificate key's usage

isKeyUsagesCritical

boolean required

If the key usage of the certificate are critical

extendedKeyUsages

array of string required

The certificate extended key's usage

isExtendedKeyUsagesCritical

boolean required

If the extended key usage are critical

selfSigned

boolean required

Whether the certificate is self-signed

serial

string

The certificate's serial number

sans

array of objects (SubjectAlternateName)

The certificate's SAN

Array [

sanType

string required

The type of the SAN

Enum RFC822NAME DNSNAME URI IPADDRESS OTHERNAME_UPN OTHERNAME_GUID REGISTERED_ID

value

string required

The value of the SAN

]

basicConstraints

object

isCa

boolean required

If the certificate is type of CA

pathLen

integer

The path len of the certificate

extensions

array of objects | null (CertificateExtension)

The certificate's extensions

Array [

key

string required

The extension's type

Enum ms_sid ms_template ms_template_v2

value

string required

The extension's value

]

crldps

array of string

The certificate's CRLDP if any

aias

object

The certificate's AIA

ocsp

array of string

The OCSP certificate AIA

crt

array of string

The CRT certificate AIA

policies

array of object

Array [

oid

string required

urls

array of string

]

authorityKeyIdentifier

string

The certificate AKI

unsupportedExtensions

array of object

Array [

oid

string required

hex

string required

]

name

string required

trustedForClientAuthentication

boolean required

trustedForServerAuthentication

boolean required

outdatedRevocationStatusPolicy

string required

Enum revoked unknown lastavailablestatus

public

boolean required

subjectKeyIdentifier

string | null

responderUrl

string | null

crlUrl

string | null

refresh

string | null (FiniteDuration)

timeout

string | null (FiniteDuration)

proxy

string | null

cacheTimeToIdle

string | null (FiniteDuration)

downloadable

boolean

identifierMapping

string (TemplateString)

A template string to apply to determine the principal identifier when a certificate from this CA is used for client authentication

nameMapping

string (TemplateString)

A template string to apply to determine the principal name when a certificate from this CA is used for client authentication

emailMapping

string (TemplateString)

A template string to apply to determine the principal email when a certificate from this CA is used for client authentication

400 Bad Request

401 Unauthorized request

403 Forbidden action

500 Internal Server error

post

/api/v1/cas

{

"certificate": "string" ,

"name": "string" ,

"subjectKeyIdentifier": "string" ,

"responderUrl": "string" ,

"crlUrl": "string" ,

"refresh": "string" ,

"trustedForClientAuthentication": true ,

"trustedForServerAuthentication": true ,

"outdatedRevocationStatusPolicy": "revoked" ,

"timeout": "string" ,

"proxy": "string" ,

"cacheTimeToIdle": "string" ,

"public": true ,

"downloadable": true ,

"identifierMapping": "{{certificate.dn}}" ,

"nameMapping": "{{certificate.subject.cn.1}}" ,

"emailMapping": "{{certificate.san.rfc822name.1}}"

}