Create CA

Prev Next

Available in Classic and VPC

Create a private CA (root CA, intermediate CA) to issue certificates.

Request

The following describes the request format for the endpoint. The request format is as follows:

Method URI
POST /ca

Request headers

For headers common to all Private CA APIs, see Common Private CA headers.

Request query parameters

The following describes the parameters.

Field Type Required Description
issuerTag String Optional Parent CA tag value
caType String Required Type of CA to create
  • PRIVATE_ROOT | PRIVATE_SUB
    • PRIVATE_ROOT: root CA
    • PRIVATE_SUB: intermediate CA

Request body

The following describes the request body.

Field Type Required Description
alias String Required CA name
  • 3 to 15 characters, including English letters, numbers, and special characters "-" and "_", and it must start with a English letter
memo String Optional CA memo
keyType String Required Key type
  • RSA2048 | RSA4096 | EC256 | EC521
period String Required Validity period (days)
  • 1 - 3650
  • Enter MAX to set it to the maximum allowable validity period
x509Parameters Object Required Advanced settings information
x509Parameters.commonName String Required General name
  • 1 - 64 characters
x509Parameters.altName String Optional DNS/email SANs
  • Enter domain/host name or email format
x509Parameters.ip String Optional IP SANs
  • Enter in the IP address format
x509Parameters.contry String Optional Standard country code
x509Parameters.locality String Optional City name
  • 0 - 128 characters
  • <E.g.> Seoul
x509Parameters.stateProvince String Optional State/province or region name
  • 0 - 128 characters
  • <E.g.> Gyeonggi-do
x509Parameters.organization String Optional Organization name
  • 0 - 64 characters
x509Parameters.organicationUnit String Optional Department name
  • 0 - 128 characters

Request example

The following is a sample request.

curl --location --request POST 'https://pca.apigw.ntruss.com/api/v1/ca?caType=PRIVATE_ROOT' \
--header 'x-ncp-apigw-timestamp: {Timestamp}' \
--header 'x-ncp-iam-access-key: {Access Key}' \
--header 'x-ncp-apigw-signature-v2: {API Gateway Signature}' \
--header 'Content-Type: application/json' \
--data '{
    "alias": "CA002",
    "keyType": "RSA2048",
    "period": "MAX",
    "x509Parameters": {
        "commonName": "name000",
        "country": "KOR",
        "organization": "org000",
        "organizationUnit": "org001",
        "locality": "Pangyo",
        "stateProvince": "Seongnam-si"
    }
}'

Response

The following describes the response format.

Response body

The following describes the response body.

Field Type Required Description
code String - Response code
msg String - Response message
data Object - Response result
data.caTag String - CA's tag value

Response status codes

For response status codes common to all Private CA APIs, see Private CA response status codes.

Response example

The following is a sample example.

{
    "code": "SUCCESS",
    "msg": "Success",
    "data": {
        "caTag": "********-********"
    }
}