MENU
      Create CA

        Create CA


        Article summary

        Available in Classic and VPC

        Create a private CA (root CA, intermediate CA) to issue certificates.

        Request

        The following describes the request format for the endpoint. The request format is as follows:

        MethodURI
        POST/ca

        Request headers

        For headers common to all Private CA APIs, see Common Private CA headers.

        Request query parameters

        The following describes the parameters.

        FieldTypeRequiredDescription
        issuerTagStringOptionalParent CA tag value
        caTypeStringRequiredType of CA to create
        • PRIVATE_ROOT | PRIVATE_SUB
          • PRIVATE_ROOT: root CA
          • PRIVATE_SUB: intermediate CA

        Request body

        The following describes the request body.

        FieldTypeRequiredDescription
        aliasStringRequiredCA name
        • 3 to 15 characters, including English letters, numbers, and special characters "-" and "_", and it must start with a English letter
        memoStringOptionalCA memo
        keyTypeStringRequiredKey type
        • RSA2048 | RSA4096 | EC256 | EC521
        periodStringRequiredValidity period (days)
        • 1 - 3650
        • Enter MAX to set it to the maximum allowable validity period
        x509ParametersObjectRequiredAdvanced settings information
        x509Parameters.commonNameStringRequiredGeneral name
        • 1 - 64 characters
        x509Parameters.altNameStringOptionalDNS/email SANs
        • Enter domain/host name or email format
        x509Parameters.ipStringOptionalIP SANs
        • Enter in the IP address format
        x509Parameters.contryStringOptionalStandard country code
        x509Parameters.localityStringOptionalCity name
        • 0 - 128 characters
        • <E.g.> Seoul
        x509Parameters.stateProvinceStringOptionalState/province or region name
        • 0 - 128 characters
        • <E.g.> Gyeonggi-do
        x509Parameters.organizationStringOptionalOrganization name
        • 0 - 64 characters
        x509Parameters.organicationUnitStringOptionalDepartment name
        • 0 - 128 characters

        Request example

        The following is a sample request.

        curl --location --request POST 'https://pca.apigw.ntruss.com/api/v1/ca?caType=PRIVATE_ROOT' \
        --header 'x-ncp-apigw-timestamp: {Timestamp}' \
        --header 'x-ncp-iam-access-key: {Access Key}' \
        --header 'x-ncp-apigw-signature-v2: {API Gateway Signature}' \
        --header 'Content-Type: application/json' \
        --data '{
            "alias": "CA002",
            "keyType": "RSA2048",
            "period": "MAX",
            "x509Parameters": {
                "commonName": "name000",
                "country": "KOR",
                "organization": "org000",
                "organizationUnit": "org001",
                "locality": "Pangyo",
                "stateProvince": "Seongnam-si"
            }
        }'
        Shell

        Response

        The following describes the response format.

        Response body

        The following describes the response body.

        FieldTypeRequiredDescription
        codeString-Response code
        msgString-Response message
        dataObject-Response result
        data.caTagString-CA's tag value

        Response status codes

        For response status codes common to all Private CA APIs, see Private CA response status codes.

        Response example

        The following is a sample example.

        {
            "code": "SUCCESS",
            "msg": "Success",
            "data": {
                "caTag": "********-********"
            }
        }
        JSON

        Was this article helpful?

        Changing your password will log you out immediately. Use the new password to log back in.
        First name must have atleast 2 characters. Numbers and special characters are not allowed.
        Last name must have atleast 1 characters. Numbers and special characters are not allowed.
        Enter a valid email
        Enter a valid password
        Your profile has been successfully updated.