Activate Sub CA
- Print
- PDF
Activate Sub CA
- Print
- PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback
Available in Classic and VPC
Activate an intermediate certificate authority (CA) with a direct signing method using a signed certificate and the CA's certificate.
Caution
Be careful when using the issuing CA's certificate because it is not the CA's private key.
Request
The following describes the request format for the endpoint. The request format is as follows:
| Method | URI |
|---|---|
| POST | /ca/{caTag}/activate |
Request headers
For headers common to all Private CA APIs, see Common Private CA headers.
Request path parameters
The following describes the parameters.
| Field | Type | Required | Description |
|---|---|---|---|
caTag | String | Required | CA tag value
|
Request body
The following describes the request body.
| Field | Type | Required | Description |
|---|---|---|---|
certPem | String | Required | CA certificate (PEM)
|
caChainPem | String | Required | Signer certificate chain (PEM)
|
Request example
The following is a sample request.
curl --location --request POST 'https://pca.apigw.ntruss.com/api/v1/ca/*********-*********/activate' \
--header 'x-ncp-apigw-timestamp: {Timestamp}' \
--header 'x-ncp-iam-access-key: {Access Key}' \
--header 'x-ncp-apigw-signature-v2: {API Gateway Signature}' \
--header 'Content-Type: application/json' \
--data '{
"certPem": "-----BEGIN CERTIFICATE-----\n{Certificate}\n-----END CERTIFICATE-----",
"caChainPem": "-----BEGIN CERTIFICATE-----\n{CA Chain}\n-----END CERTIFICATE-----"
}'
Response
The following describes the response format.
Response body
The following describes the response body.
| Field | Type | Required | Description |
|---|---|---|---|
code | String | - | Response code |
msg | String | - | Response message |
data | Object | - | Response result |
data.caInfo | Object | - | CA information |
data.caInfo.signingCount | Number | - | No. of certificates signed by CA |
data.caInfo.caType | String | - | CA type
|
data.caInfo.caId | Number | - | CA identifier |
data.caInfo.statusUpdateDate | String | - | Latest status change date and time (timestamp) |
data.destroyDate | String | - | Deletion date and time (timestamp) |
data.caInfo.alias | String | - | CA name |
data.caInfo.memo | String | - | CA memo |
data.caInfo.urlInfo | Object | - | URL information |
data.caInfo.urlInfo.ocsp | Array | - | Online Certificate Status Protocol (OCSP) URL |
data.caInfo.urlInfo.crl | Array | - | Certificate revocation list (CRL) URL |
data.caInfo.urlInfo.ca | Array | - | CA URL |
data.caTag | String | - | CA's tag value |
data.rgstDate | Number | - | Registration date and time (timestamp) |
data.status | String | - | CA status
|
data.caCertInfo | Object | - | CA certificate information |
data.caCertInfo.commonName | String | - | Common name |
data.caCertInfo.contry | String | - | Standard country code |
data.caCertInfo.issueName | String | - | Issued CA name |
data.caCertInfo.notAfterDate | Long | - | Certification expiration date and time (timestamp) |
data.caCertInfo.publicKeyAlgorithm | String | - | Encryption algorithm |
data.caCertInfo.notBeforeDate | Long | - | Certification validity start date and time (timestamp) |
data.caCertInfo.locality | String | - | City name |
data.caCertInfo.stateProvince | String | - | State/province or region name |
data.caCertInfo.organicationUnit | String | - | Department name |
data.caCertInfo.certPem | String | - | CA certificate (PEM) |
data.caCertInfo.chainPem | String | - | Certificate chain (PEM) |
data.caCertInfo.signatureAlgorithm | String | - | Signature algorithm |
data.caCertInfo.serialNo | String | - | Certificate serial number |
data.caCertInfo.caCertId | Long | - | Certification identifier |
data.caCertInfo.organization | String | - | Organization name |
Response status codes
For response status codes common to all Private CA APIs, see Private CA response status codes.
Response example
The following is a sample example.
{
"code": "SUCCESS",
"msg": "Success",
"data": {
"caInfo": {
"signingCount": 0,
"caType": "PRIVATE_SUB",
"caId": 18***,
"statusUpdateDate": null,
"destroyDate": null,
"alias": "caca002",
"memo": "",
"urlInfo": {
"ocsp": [],
"crl": [
"https://pca.apigw.ntruss.com/ext/*********-*********/crl"
],
"ca": [
"https://pca.apigw.ntruss.com/ext/*********-*********/ca"
]
},
"caTag": "*********-*********",
"rgstDate": 1723101003000,
"status": "PENDING"
},
"caCertInfo": {
"commonName": "name000",
"country": "KR",
"issuerName": "RootCA",
"notAfterDate": 1754637093000,
"publicKeyAlgorithm": "RSA",
"notBeforeDate": 1723101093000,
"locality": "Pangyo",
"stateProvince": "Seongnam-si",
"organizationUnit": "unit000",
"certPem": "-----BEGIN CERTIFICATE-----\n{Certificate}\n-----END CERTIFICATE-----",
"chainPem": "-----BEGIN CERTIFICATE-----\n{CA Chain}\n-----END CERTIFICATE-----",
"signatureAlgorithm": "SHA256withRSA",
"serialNo": "**:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**",
"caCertId": 18173,
"organization": "org000"
}
}
}
Was this article helpful?