Login
      Contents x
      Sign End Csr
        • Print
        • PDF
        Contents

        Sign End Csr

          • Print
          • PDF
          Article summary

          Available in Classic and VPC

          Sign a new certificate with the provided CSR.

          Caution

          When you sign a new certificate, the previously issued CA certificate is returned.

          Note

          If the validity period of the CA signing the CSR is shorter than the validity period of the CSR, it can't sign it.

          Request

          The following describes the request format for the endpoint. The request format is as follows:

          MethodURI
          POST/ca/{caTag}/cert/sign

          Request headers

          For headers common to all Private CA APIs, see Common Private CA headers.

          Request path parameters

          The following describes the parameters.

          FieldTypeRequiredDescription
          caTagStringRequiredCA tag value

          Request body

          The following describes the request body.

          FieldTypeRequiredDescription
          csrPemStringRequiredCSR (PEM)
          • Enter a newline character (\n) after -----BEGIN CERTIFICATE REQUEST----- and in front of -----END CERTIFICATE REQUEST-----

          Request example

          The following is a sample request.

          curl --location --request POST 'https://pca.apigw.ntruss.com/api/v1/ca/********-********/cert/sign' \
--header 'x-ncp-apigw-timestamp: {Timestamp}' \
--header 'x-ncp-iam-access-key: {Access Key}' \
--header 'x-ncp-apigw-signature-v2: {API Gateway Signature}' \
--header 'Content-Type: application/json' \
--data '{
    "csrPem": "-----BEGIN CERTIFICATE REQUEST-----\n{CSR}\n-----END CERTIFICATE REQUEST-----"
}'

          Response

          The following describes the response format.

          Response body

          The following describes the response body.

          FieldTypeRequiredDescription
          certificateString-CA certificate (PEM)
          caChainArray-Certificate chain (PEM)
          ocspResponderString-Online Certificate Status Protocol (OCSP) URL
          issuerString-Issuing CA (PEM)
          serialNoString-Certificate serial number

          Response status codes

          For response status codes common to all Private CA APIs, see Private CA response status codes.

          Response example

          The following is a sample example.

          {
    "code": "SUCCESS",
    "msg": "Success",
    "data": {
        "certificate": "-----BEGIN CERTIFICATE-----\n{Certificate}\n-----END CERTIFICATE-----",
        "caChain": [
            "-----BEGIN CERTIFICATE-----\n{CA Chain}\n-----END CERTIFICATE-----",
            "-----BEGIN CERTIFICATE-----\n{CA Chain}\n-----END CERTIFICATE-----"
        ],
        "ocspResponder": "",
        "issuer": "-----BEGIN CERTIFICATE-----\n{CA}\n-----END CERTIFICATE-----",
        "serialNo": "**:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**"
    }
}
          Was this article helpful?
          What's Next
          Change password!
          Changing your password will log you out immediately. Use the new password to log back in.
          Change profile
          Success!
          First name must have atleast 2 characters. Numbers and special characters are not allowed.
          Last name must have atleast 1 characters. Numbers and special characters are not allowed.
          Enter a valid email
          Enter a valid password
          Your profile has been successfully updated.
          Logout