Issue End Cert

Article summary

Did you find this summary helpful?

Thank you for your feedback

Available in Classic and VPC

Issue a private certificate through the created CA.

Request

The following describes the request format for the endpoint. The request format is as follows:

Method	URI
POST	/ca/{caTag}/cert

Request headers

For headers common to all Private CA APIs, see Common Private CA headers.

Request path parameters

The following describes the parameters.

Field	Type	Required	Description
`caTag`	String	Required	CA tag value Check through Get CA list

Request body

The following describes the request body.

Field	Type	Required	Description
`keyType`	String	Optional	Key type `RSA2048` \| `RSA4096` \| `EC256` \| `EC521`
`period`	String	Optional	Validity period 1 - 3650 Enter `MAX` to set it to the maximum allowable validity period
`x509Parameters`	Object	Required	Advanced settings information
`x509Parameters.commonName`	String	Required	General name 1 - 64 characters
`x509Parameters.altName`	String	Optional	DNS/email SANs Enter domain/host name or email format
`x509Parameters.organization`	String	Optional	Organization name 0 - 64 characters
`x509Parameters.organizationUnit`	String	Optional	Department name 0 - 128 characters
`x509Parameters.locality`	String	Optional	City name 0 - 128 characters <E.g.> `Seoul`
`x509Parameters.stateProvince`	String	Optional	State/province or region name 0 - 128 characters <E.g.> `Gyeonggi-do`
`x509Parameters.streetAddress`	String	Optional	Detailed address 0 - 128 characters
`x509Parameters.country`	String	Optional	Standard country code See ISO 3166-1 alpha-2
`x509Parameters.ip`	String	Optional	IP SANs Enter in the IP address format

Request example

The following is a sample request.

curl --location --request POST 'https://pca.apigw.ntruss.com/api/v1/ca/********-********/cert' \
--header 'x-ncp-apigw-timestamp: {Timestamp}' \
--header 'x-ncp-iam-access-key: {Access Key}' \
--header 'x-ncp-apigw-signature-v2: {API Gateway Signature}' \
--header 'Content-Type: application/json' \
--data '{
    "x509Parameters": {
        "commonName": "name000"
    }
}'

Response

The following describes the response format.

Response body

The following describes the response body.

Field	Type	Required	Description
`privateKey`	String	-	Certificate private key (PEM)
`certificate`	String	-	Certificate (PEM)
`serialNo`	String	-	Certificate serial number
`caChain`	String	-	CA chain (PEM)
`ocspResponder`	String	-	Online Certificate Status Protocol (OCSP) server certificate (PEM)
`issuer`	String	-	Issuing CA (PEM)

Response status codes

For response status codes common to all Private CA APIs, see Private CA response status codes.

Response example

The following is a sample example.

{
    "code": "SUCCESS",
    "msg": "Success",
    "data": {
        "privateKey": "-----BEGIN RSA PRIVATE KEY-----\n{Private Key}\n-----END RSA PRIVATE KEY-----",
        "certificate": "-----BEGIN CERTIFICATE-----\n{Certificate}\n-----END CERTIFICATE-----",
        "caChain": "-----BEGIN CERTIFICATE-----\n{CA Chain}\n-----END CERTIFICATE-----",
        "ocspResponder": "",
        "issuer": "-----BEGIN CERTIFICATE-----\n{CA}\n-----END CERTIFICATE-----",
        "serialNo": "**:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**"
    }
}

Was this article helpful?

What's Next

Revoke End Cert

Table of contents

Request
Response