MENU
      Issue End Cert

        Issue End Cert


        Article summary

        Available in Classic and VPC

        Issue a private certificate through the created CA.

        Request

        The following describes the request format for the endpoint. The request format is as follows:

        MethodURI
        POST/ca/{caTag}/cert

        Request headers

        For headers common to all Private CA APIs, see Common Private CA headers.

        Request path parameters

        The following describes the parameters.

        FieldTypeRequiredDescription
        caTagStringRequiredCA tag value

        Request body

        The following describes the request body.

        FieldTypeRequiredDescription
        keyTypeStringOptionalKey type
        • RSA2048 | RSA4096 | EC256 | EC521
        periodStringOptionalValidity period
        • 1 - 3650
        • Enter MAX to set it to the maximum allowable validity period
        x509ParametersObjectRequiredAdvanced settings information
        x509Parameters.commonNameStringRequiredGeneral name
        • 1 - 64 characters
        x509Parameters.altNameStringOptionalDNS/email SANs
        • Enter domain/host name or email format
        x509Parameters.organizationStringOptionalOrganization name
        • 0 - 64 characters
        x509Parameters.organizationUnitStringOptionalDepartment name
        • 0 - 128 characters
        x509Parameters.localityStringOptionalCity name
        • 0 - 128 characters
        • <E.g.> Seoul
        x509Parameters.stateProvinceStringOptionalState/province or region name
        • 0 - 128 characters
        • <E.g.> Gyeonggi-do
        x509Parameters.streetAddressStringOptionalDetailed address
        • 0 - 128 characters
        x509Parameters.countryStringOptionalStandard country code
        x509Parameters.ipStringOptionalIP SANs
        • Enter in the IP address format

        Request example

        The following is a sample request.

        curl --location --request POST 'https://pca.apigw.ntruss.com/api/v1/ca/********-********/cert' \
        --header 'x-ncp-apigw-timestamp: {Timestamp}' \
        --header 'x-ncp-iam-access-key: {Access Key}' \
        --header 'x-ncp-apigw-signature-v2: {API Gateway Signature}' \
        --header 'Content-Type: application/json' \
        --data '{
            "x509Parameters": {
                "commonName": "name000"
            }
        }'
        Shell

        Response

        The following describes the response format.

        Response body

        The following describes the response body.

        FieldTypeRequiredDescription
        privateKeyString-Certificate private key (PEM)
        certificateString-Certificate (PEM)
        serialNoString-Certificate serial number
        caChainString-CA chain (PEM)
        ocspResponderString-Online Certificate Status Protocol (OCSP) server certificate (PEM)
        issuerString-Issuing CA (PEM)

        Response status codes

        For response status codes common to all Private CA APIs, see Private CA response status codes.

        Response example

        The following is a sample example.

        {
            "code": "SUCCESS",
            "msg": "Success",
            "data": {
                "privateKey": "-----BEGIN RSA PRIVATE KEY-----\n{Private Key}\n-----END RSA PRIVATE KEY-----",
                "certificate": "-----BEGIN CERTIFICATE-----\n{Certificate}\n-----END CERTIFICATE-----",
                "caChain": "-----BEGIN CERTIFICATE-----\n{CA Chain}\n-----END CERTIFICATE-----",
                "ocspResponder": "",
                "issuer": "-----BEGIN CERTIFICATE-----\n{CA}\n-----END CERTIFICATE-----",
                "serialNo": "**:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**"
            }
        }
        JSON

        Was this article helpful?

        Changing your password will log you out immediately. Use the new password to log back in.
        First name must have atleast 2 characters. Numbers and special characters are not allowed.
        Last name must have atleast 1 characters. Numbers and special characters are not allowed.
        Enter a valid email
        Enter a valid password
        Your profile has been successfully updated.