Login
      Contents x
      Sign Sub Csr
        • Print
        • PDF
        Contents

        Sign Sub Csr

          • Print
          • PDF
          Article summary

          Available in Classic and VPC

          Issue a certificate to perform the role of an intermediate CA using a CA certificate.

          Request

          The following describes the request format for the endpoint. The request format is as follows:

          MethodURI
          POST/ca/{caTag}/sub/sign

          Request headers

          For headers common to all Private CA APIs, see Common Private CA headers.

          Request path parameters

          The following describes the parameters.

          FieldTypeRequiredDescription
          caTagStringRequiredCA tag value

          Request body

          The following describes the request body.

          FieldTypeRequiredDescription
          periodStringRequiredValidity period (days)
          • 1 - 3650
          csrPemStringRequiredCSR (PEM)
          • Enter a newline character (\n) after -----BEGIN CERTIFICATE REQUEST----- and in front of -----END CERTIFICATE REQUEST-----

          Request example

          The following is a sample request.

          curl --location --request POST 'https://pca.apigw.ntruss.com/api/v1/ca/********-********/sub/sign' \
--header 'x-ncp-apigw-timestamp: {Timestamp}' \
--header 'x-ncp-iam-access-key: {Access Key}' \
--header 'x-ncp-apigw-signature-v2: {API Gateway Signature}' \
--header 'Content-Type: application/json' \
--data '{
    "period": "10",
    "csrPem": "-----BEGIN CERTIFICATE REQUEST-----\n{CSR}\n-----END CERTIFICATE REQUEST-----"
}'

          Response

          The following describes the response format.

          Response body

          The following describes the response body.

          FieldTypeRequiredDescription
          certificateString-CA certificate (PEM)
          caChainArray-Certificate chain (PEM)
          ocspResponderString-Online Certificate Status Protocol (OCSP) URL
          issuerString-Issuing CA (PEM)
          serialNoString-Certificate serial number

          Response status codes

          For response status codes common to all Private CA APIs, see Private CA response status codes.

          Response example

          The following is a sample example.

          {
    "code": "SUCCESS",
    "msg": "Success",
    "data": {
        "certificate": "-----BEGIN CERTIFICATE-----\n{Certificate}\n-----END CERTIFICATE-----",
        "caChain": [
            "-----BEGIN CERTIFICATE-----\n{CA Chain}\n-----END CERTIFICATE-----",
            "-----BEGIN CERTIFICATE-----\n{CA Chain}\n-----END CERTIFICATE-----",
            "-----BEGIN CERTIFICATE-----\n{CA Chain}\n-----END CERTIFICATE-----"
        ],
        "ocspResponder": "",
        "issuer": "-----BEGIN CERTIFICATE-----\n{CA}\n-----END CERTIFICATE-----",
        "serialNo": "**:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**:**"
    }
}
          Was this article helpful?
          What's Next
          Change password!
          Changing your password will log you out immediately. Use the new password to log back in.
          Change profile
          Success!
          First name must have atleast 2 characters. Numbers and special characters are not allowed.
          Last name must have atleast 1 characters. Numbers and special characters are not allowed.
          Enter a valid email
          Enter a valid password
          Your profile has been successfully updated.
          Logout