Issue End Cert

Prev Next

Available in Classic and VPC

Issue a private certificate through the created CA.

Request

The following describes the request format for the endpoint. The request format is as follows:

Method URI
POST /api/v1/ca/{caTag}/cert

Request headers

For information about the headers common to all CA APIs, see CA request headers.

Request path parameters

You can use the following path parameters with your request:

Field Type Required Description
caTag String Required CA tag value

Request body

The following describes the request body.

Field Type Required Description
keyType String Optional Key type
  • RSA2048 | RSA4096 | EC256 | EC521
period String Optional Validity period
  • 1 - 3650
  • Enter MAX to set it to the maximum allowable validity period
x509Parameters Object Required Advanced settings information
x509Parameters.commonName String Required General name
  • 1 - 64 characters
x509Parameters.altName String Optional DNS/email SANs
  • Enter domain/host name or email format
x509Parameters.organization String Optional Organization name
  • 0 - 64 characters
x509Parameters.organizationUnit String Optional Department name
  • 0 - 128 characters
x509Parameters.locality String Optional City name
  • 0 - 128 characters
  • <E.g.> Seoul
x509Parameters.stateProvince String Optional State/province or region name
  • 0 - 128 characters
  • <E.g.> Gyeonggi-do
x509Parameters.streetAddress String Optional Detailed address
  • 0 - 128 characters
x509Parameters.country String Optional Standard country code
x509Parameters.ip String Optional IP SANs
  • Enter in the IP address format

Request example

The following is a sample request.

curl --location --request POST 'https://pca.apigw.ntruss.com/api/v1/ca/********-********/cert' \
--header 'x-ncp-apigw-timestamp: {Timestamp}' \
--header 'x-ncp-iam-access-key: {Access Key}' \
--header 'x-ncp-apigw-signature-v2: {API Gateway Signature}' \
--header 'Content-Type: application/json' \
--data '{
    "x509Parameters": {
        "commonName": "name000"
    }
}'

Response

The following describes the response format.

Response body

The following describes the response body.

Field Type Required Description
privateKey String - Certificate private key (PEM)
certificate String - Certificate (PEM)
serialNo String - Certificate serial number
caChain String - CA chain (PEM)
ocspResponder String - Online Certificate Status Protocol (OCSP) server certificate (PEM)
issuer String - Issuing CA (PEM)

Response status codes

For information about the HTTP status codes common to all CA APIs, see CA response status codes.

Response example

The following is a sample example.

{
    "code": "SUCCESS",
    "msg": "Success",
    "data": {
        "privateKey": "-----BEGIN RSA PRIVATE KEY-----\n{Private Key}\n-----END RSA PRIVATE KEY-----",
        "certificate": "-----BEGIN CERTIFICATE-----\n{Certificate}\n-----END CERTIFICATE-----",
        "caChain": "-----BEGIN CERTIFICATE-----\n{CA Chain}\n-----END CERTIFICATE-----",
        "ocspResponder": "",
        "issuer": "-----BEGIN CERTIFICATE-----\n{CA}\n-----END CERTIFICATE-----",
        "serialNo": "**:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**"
    }
}
Business Registration Number: 129-86-31394 E-commerce Permit Number:No. 2009-GyeonggiSeongnam-0510
CEO: Kim Yuwon Address: NAVER Green Factory 17th–26th Floors, Buljeong-ro 6, Bundang-gu, Seongnam-si, Gyeonggi-do 13561, Republic of Korea. Customer Support Number: 1544-5876
© NAVER Cloud Corp. All Rights Reserved.