Create CA

Prev Next

Available in Classic and VPC

Create a private CA (root CA, intermediate CA) to issue certificates.

Request

The following describes the request format for the endpoint. The request format is as follows:

Method URI
POST /api/v1/ca

Request headers

For information about the headers common to all CA APIs, see CA request headers.

Request query parameters

You can use the following query parameters with your request:

Field Type Required Description
issuerTag String Optional Parent CA tag value
caType String Required Type of CA to create
  • PRIVATE_ROOT | PRIVATE_SUB
    • PRIVATE_ROOT: root CA
    • PRIVATE_SUB: intermediate CA

Request body

The following describes the request body.

Field Type Required Description
alias String Required CA name
  • 3 to 15 characters, including English letters, numbers, and special characters "-" and "_", and it must start with a English letter
memo String Optional CA memo
keyType String Required Key type
  • RSA2048 | RSA4096 | EC256 | EC521
period String Required Validity period (days)
  • 1 - 3650
  • Enter MAX to set it to the maximum allowable validity period
x509Parameters Object Required Advanced settings information
x509Parameters.commonName String Required General name
  • 1 - 64 characters
x509Parameters.altName String Optional DNS/email SANs
  • Enter domain/host name or email format
x509Parameters.ip String Optional IP SANs
  • Enter in the IP address format
x509Parameters.contry String Optional Standard country code
x509Parameters.locality String Optional City name
  • 0 - 128 characters
  • <E.g.> Seoul
x509Parameters.stateProvince String Optional State/province or region name
  • 0 - 128 characters
  • <E.g.> Gyeonggi-do
x509Parameters.organization String Optional Organization name
  • 0 - 64 characters
x509Parameters.organicationUnit String Optional Department name
  • 0 - 128 characters

Request example

The following is a sample request.

curl --location --request POST 'https://pca.apigw.ntruss.com/api/v1/ca?caType=PRIVATE_ROOT' \
--header 'x-ncp-apigw-timestamp: {Timestamp}' \
--header 'x-ncp-iam-access-key: {Access Key}' \
--header 'x-ncp-apigw-signature-v2: {API Gateway Signature}' \
--header 'Content-Type: application/json' \
--data '{
    "alias": "CA002",
    "keyType": "RSA2048",
    "period": "MAX",
    "x509Parameters": {
        "commonName": "name000",
        "country": "KOR",
        "organization": "org000",
        "organizationUnit": "org001",
        "locality": "Pangyo",
        "stateProvince": "Seongnam-si"
    }
}'

Response

The following describes the response format.

Response body

The following describes the response body.

Field Type Required Description
code String - Response code
msg String - Response message
data Object - Response result
data.caTag String - CA's tag value

Response status codes

For information about the HTTP status codes common to all CA APIs, see CA response status codes.

Response example

The following is a sample example.

{
    "code": "SUCCESS",
    "msg": "Success",
    "data": {
        "caTag": "********-********"
    }
}
Business Registration Number: 129-86-31394 E-commerce Permit Number:No. 2009-GyeonggiSeongnam-0510
CEO: Kim Yuwon Address: NAVER Green Factory 17th–26th Floors, Buljeong-ro 6, Bundang-gu, Seongnam-si, Gyeonggi-do 13561, Republic of Korea. Customer Support Number: 1544-5876
© NAVER Cloud Corp. All Rights Reserved.