API Method- createCertificatesByIdWithMultipleCsrData
Last updated
Last updated
Use the “createCertificatesByIdWithMultipleCsrData” method for creating Certificates with multiple CSR data.
POST
Request URL
Parameter
Presence
Data Type
Description
applicationId
M
string
Pass the Application ID.
profileID
M
string
Pass the Profile Id to be used to create the Certificate.
subscriberId
M
string
Pass the Subscriber ID.
validFrom
O
string
Pass the validFrom in the form of (Days : Months :Years Hours : Minutes : Second).
validity
O
string
Pass the validity in the form of (Days : Hours : Minutes
: Seconds)Days - 36135 maximum days Hours - 23 max hours Minutes - 59 max minute Seconds - 59 max second
to create certificate with the given validity.
signature
M
String
Pass Signed data you want to validate or verify.
Refer section 6.29 for the signature generation.
userName
M
String
You need to pass username that is registered with emCA for API process.
password
M
String
You need to pass the password that is registered with emCA for API process.
Sample JSON Object
Parameter
Presence
Data Type
Description
requestData
M
String
All the request input parameters mentioned above should be converted to JSON object and encrypted with AES 256 key shared with you by the emCA team.
Pass Encrypted JSON Object.
userName
M
String
You need to pass username that is registered with emCA for API process.
Key
Presence
Value
Description
Application / JSON
M
Content-Type
Type of request should be in JSON Format.
Authentication Key
M
emKey
emKey is an encoded key (Refer section 4 for generating Authentication Key using command prompt).
When request is received by emCA service, the request JSON Object will be decrypted with same AES key that is shared to the client.
After successful decryption, request JSON object (Signed CSR data + Username + Password+ Profile Id+ Application ID+ Subscriber ID+ Validity + Valid From) is retrieved.
First emCA service validates the username and password and verifies if the IP Address used for request and registered with the user are same.
If request is registered with the same user, then the system checks if the Certificate is already created for the requested applicationId.
If certificate is already created for the applicationId, then return existing certificate.
If certificate is not created for applicationId, then we create the certificate using next step.
If it is same then the signed CSR data (signature) is validated by checking whether CSR is signed by the same PFX file which is registered for the specific user.
If validation fails at any point in processing the request, the emCA service will throw error/failure message. (Refer error messages section)
Response Parameters
Parameter
Data Type
Description
response
String
Returns JSON Object
JSON Object Contains below parameters
Parameter
Data Type
Description
status
String
Returns Status of the request – “Success‟ if CSR is signed by selected certificate profile id and generates x509 certificate.
Returns status of the request – “Failure‟ when authentication fails or unregistered user tries to call the API
result
String
Returns
In case of success: base 64 encoded pdf data for x509 certificates data
In case of failure: Error message will be displayed.
subscriberId
String
Returns Subscriber Id
requestId
String
This is used in another API where “Is ManualAuthorization Enabled” is checked from emCA application. In this case one request ID will be generated that user has to provide to create certificate from another API.
OR
This is used in another API where “Is Manual Authorization Enabled” is checked from emCA application. In this case one application ID will be passed by user while user requests for certificate creation through another API.
Note: If there is more than one CSR, it will receive multiple request IDs that are separated by "~".
Example : ID1|requestId1~ID2|requestId2 etc.
ID in the above example reference to input csr id which is shown in signature parameter.
Response JSON Format
Error Message
Description
<profile id> profile does not exist
If the given certificate profile Id is invalid
Please enter valid data
If the signature parameter (CSR) contains an invalid CSR or if the CSR does not contain the required details of the selected certificate profile.
Signature verification failed
If signature parameter (CSR) is not signed by the pfx shared by eMudhra
Invalid validity
validity should be in proper format dd:hh:mm:ss e.g: 120:23:45:54
Invalid From Date
Invalid Input: From Date should be in proper format dd:MM:YYYY hh:mm:ss e.g: 12:12:2019 00:00:00