LogoLogo
  • emCA Certificate Manager
  • Introduction
    • Summary
    • Key Features
    • Key Components
    • Architecture
    • Use Cases
    • Security
    • Role based Access
    • Licensing
    • How emCA Works ?
  • Release Versions
    • V4.2.6
    • V4.2.5
    • V4.2.4
      • User Manual
        • CA Administrator
          • CA Admin Login
          • Dashboard Page
          • View CA Hierachy
          • Manage User Certificates
            • Search
          • Manage CA Certiifcates
            • Search
          • Manage User & Roles
            • Manage User
            • Create New User
            • View Groups
          • Reports
            • Application Logs
            • CRL Report
            • Certificate Statistics
            • All Certificates
            • Active / Revoked / Suspended / Expired Certificates
          • Application Settings
            • Manage License
            • Manage Authentication Matrix
            • Certificate Features
        • Administrator
          • View Hierachy
          • Manage Profiles
            • Manage Certificate Profiles
              • X509 certificate profile
              • Create CVC CA certificate profile
              • Create EMV Certificate Profile
            • Manage Key Profiles
            • Manage CRL Profiles
          • Manage User Certificates
          • Manage CA Certificates
          • Manage Keystores
          • Manage Users & Roles
          • Reports
          • Application Settings
          • Setup & Registeration
          • External Applications
          • Mail Settings
          • Manage Certificate Features
        • Officer
          • CA Hierarchy
          • Manage User Certificates
          • Manage CA Certificates
          • Manage CRLs
          • Manage EMV Certificate
          • Manage EMV CRLs
          • Manage Keystores
          • Manage OCSP Certificates
          • Recover User keypair
          • Reports
        • Auditor
          • CA Hierarchy
          • Reports
      • emCA_Deployment_Document
    • V4.2.3
      • User Manual
        • CA Administrator
          • CA Admin Login
          • Dashboard Page
          • View CA Hierachy
          • Manage User Certificates
            • Search
          • Manage CA Certiifcates
            • Search
          • Manage User & Roles
            • Manage User
            • Create New User
            • View Groups
          • Reports
            • Application Logs
            • CRL Report
            • Certificate Statistics
            • All Certificates
            • Active / Revoked / Suspended / Expired Certificates
          • Application Settings
            • Manage License
            • Manage Authentication Matrix
            • Certificate Features
        • Administrator
          • View Hierachy
          • Manage Profiles
            • Manage Certificate Profiles
              • X509 certificate profile
              • Create CVC CA certificate profile
              • Create EMV Certificate Profile
            • Manage Key Profiles
            • Manage CRL Profiles
          • Manage User Certificates
          • Manage CA Certificates
          • Manage Keystores
          • Manage Users & Roles
          • Reports
        • Officer
          • CA Hierarchy
          • Manage User Certificates
          • Manage CA Certificates
          • Manage CRLs
          • Manage EMV Certificate
          • Manage EMV CRLs
          • Manage Keystores
          • Manage OCSP Certificates
          • Recover User keypair
          • Reports
        • Auditor
          • CA Hierarchy
          • Reports
        • Operator
          • CA Hierarchy
          • Backup
    • V4.2.2
      • User Manual
        • CA Administrator
          • CA Admin Login
          • Dashboard Page
          • View CA Hierachy
          • Manage User Certificates
            • Search
          • Manage CA Certiifcates
            • Search
          • Manage User & Roles
            • Manage User
            • Create New User
            • View Groups
          • Reports
            • Application Logs
            • CRL Report
            • Certificate Statistics
            • All Certificates
            • Active / Revoked / Suspended / Expired Certificates
          • Application Settings
            • Manage License
            • Manage Authentication Matrix
            • Certificate Features
        • Administrator
          • View Hierachy
          • Manage Profiles
            • Manage Certificate Profiles
              • X509 certificate profile
              • Create CVC CA certificate profile
              • Create EMV Certificate Profile
            • Manage Key Profiles
            • Manage CRL Profiles
          • Manage User Certificates
          • Manage CA Certificates
          • Manage Keystores
          • Manage Users & Roles
          • Reports
        • Officer
          • CA Hierarchy
          • Manage User Certificates
          • Manage CA Certificates
          • Manage CRLs
          • Manage EMV Certificate
          • Manage EMV CRLs
          • Manage Keystores
          • Manage OCSP Certificates
          • Recover User keypair
          • Reports
        • Auditor
          • CA Hierarchy
          • Reports
        • Operator
          • CA Hierarchy
          • Backup
    • V4.2.1
    • V4 .0.17
      • Open API Specifications
        • Prerequisites
        • Process for calling emCA API
        • How to Generate an Authentication Key
        • How to Generate Signed Data (PKCS#7)
        • How to create JSON Object before Encryption
        • How to encrypt JSON object
        • How to generate a request JSON Object
        • API Methods
          • API Method -createCertificate and createCertificateP7B
          • API Method -createPKCS12
          • API Method -getCertificate
          • API Method - revoke
          • API Method - verifySignature
          • API Method - createCertificateById and createcertificateP7BById
          • API Method - createPKCS12ById
          • API Method - reinstate
          • API Method - suspend
          • API Method -rekey
          • API Method-getCertificateByRequestID
          • API Method - createCustomCertificateById
          • API Method - getExpirySoonCertificate
          • API Method - getProfileinfoByProfilename
          • API Method -getCertificateProfileList
          • API Method- createCertificatesByIdWithMultipleCsrData
          • API Method - getPKCS12
          • API Method - createeSignCustomCertificateById
        • ePassport Certificate API Methods
        • emClient.jar
        • SOAP Information
        • ACME Protocol
        • CMP Protocol
        • EST Protocol
        • SCEP Protocal
      • User Manual
        • View CA Hierarchy
          • Delete Certificate and Keypair
          • Search Certificate
          • View Certificate
          • Export Certificate
        • Manage Profiles
          • Key Profiles
            • Edit
            • Key Profile Creation
              • Create HSM Key Profile
              • Create PKCS12 Key Profile
          • Certificate Profiles
            • Certificate Profile Creation
              • Create CA Self Signed Certificate
              • Create User Certificate Profile
              • Create OSCP Certificate Profile
          • CRL Profiles
            • New CRL Profile
        • Manage User Certificate
          • Enroll
            • Generation of Soft Token Certificate
            • Generation of Hard Token Certificate
          • Revoke/Suspend
          • Reinstate
          • Search
          • Sign CSR
          • Manual Authorize Certificates
          • SCT Request
        • Manage CA Certificate
          • Enroll
            • Create Self-Signed CA Certificate
            • Create Sub CA Certificate
            • Create OSCP Certificate
            • Generate Signing CSR
          • Manage CA Certificates
            • Search Certificate
            • Import Certificate
          • Revoke CA Certificate
          • Search
          • Sign CSR
          • Import PKCS12
        • Manage CRLS
          • Create CRL
          • Update CRL
          • Download CRL
          • Scheduler Configuration
        • Manage OSCP Certificates
          • Configure OSCP Certificate
          • OSCP Configuration
        • Recover User Keypair
          • Recover
            • Key Recovery with new Password
            • Key Recovery with old Password
        • Manage Users and Roles
          • Manage User
            • Create New User
            • View all users created
            • View individual user
            • Deactivate user
            • Activate user
            • Renew
            • Delete User
          • View Groups
        • Reports
          • Types of Reports
          • CRL Reports
          • Certificate Stastics
          • All Certificates Reports
          • Active Certificates Report
          • Revoked Certificates Report
          • Suspended Certificates Report
          • Expired Certificates Report
        • Application Logs
        • Backup
          • Manual Backup on Local Server
          • Manual Backup on Remote Server
          • Automatic Backup on Local Server
          • Automatic Backup on Remote Server
        • Backup Restoration
        • Dashboard Features
          • View all Active CA and User Certificates
          • View Revoked CA and User Certificates
          • View all expiring soon CA and User Certificates
          • View all CRL-based Certificates
        • Application Settings
          • Manage License
          • Setup and Registration
          • External Applications Onboarding
        • Manage Key stores
    • V4.0.13
      • User Manual
        • View CA Hierarchy
          • Delete Certificates & Key Pair
          • Search Certificate
          • View Certificate
          • Export Certificate
        • Manage Profiles
          • Key Profile
            • Edit
            • Key Profile Creation
              • Create HSM Key Profile
              • Create PKCS 12 Keyprofile
        • Certificate Profiles
          • Certificate Profile Creation
            • Create CA Self Signed Certificate Profile
            • Create SubCA Certificate Profile
            • Create User CA Certificate
            • Create OCSP Certificate
        • Manage User Certificate
          • Enroll
            • Generation Of Softtoken Certificate
            • Generation Of Hardtoken Certificate
          • Revoke/Suspend
          • Reinstate
          • Search
          • Sign CSR
          • Manual Authorize Certificates
          • SCT Request
        • Manage CA Certificate
          • Enroll
            • Create Selfsigned CA Certificate
            • Create Sub CA Certificate
            • Create OCSP Certificate
            • Generate Signing CSR
          • Manage CA Certificates
            • Search
            • Import Certificate
        • Revoke CA Certificate
        • Search
        • Sign CSR
        • Import PKCS 12
        • Manage CRLs
          • Create CRL
          • Update CRL
          • Download CRL
          • Scheduler Configuration
        • Manage OCSP Certificate
          • Configure OCSP Certificates
          • OCSP Configuration
        • Key Recovery
          • Recover
            • Key Recovery With New Password
            • Key Recovery With Old Password
        • Manage Users & Roles
          • Manage Users
            • Create New User
            • View All Users Created
            • View Individual Users
            • Deactive Users
            • Activate Users
            • Renew
            • Delete
            • Export All users
          • View Groups
        • Reports
          • Features
          • Types Of Reports
            • CRL Reports
            • Certificate Statistics
            • All Certificate Reports
            • Active Certificate Reports
            • Revoked Certificate Reports
            • Suspended Certificate Reports
            • Expired Certificates Reports
        • Application Logs
        • Backup & Restore
          • Backup
            • Manual Backup on Local Server
            • Manual Backup On Remote Server
            • Automatic Backup on Local Server
            • Automatic Backup On Remote Server
          • Backup Restoration
        • Dashboard Features
          • View All Active CA and User Certificates
          • View Revoked CA & User Certificates
          • View All Expiring Soon & User Certificates
          • View All CRL Based Certificates
        • Application Settings
          • Manage emCA Authentication Matrix
          • External Application On-Boarding
        • Manage Keystore
  • Deployment Models
    • Single Instance
    • High Availability Deployment
    • Hybrid Deployment
    • Cloud Deployment
    • List of Prerequisites
      • Installations
        • Token Drivers
        • emCA Websocket
    • emCA Deployment Guide
      • Prerequisites
        • Other Prerequisites
      • emCA
      • emCA API
      • OCSP Core
      • OCSP Responder Web
      • TSA Core
      • TSA Web
      • Scheduler
      • DB Password Encryptor
      • emCA Initial Setup
      • Copy of emCA Initial Setup
Powered by GitBook
On this page
  1. Release Versions
  2. V4 .0.17
  3. Open API Specifications
  4. API Methods

API Method - createCustomCertificateById

PreviousAPI Method-getCertificateByRequestIDNextAPI Method - getExpirySoonCertificate

Last updated 1 year ago

Purpose

Use the “createCustomCertificateById” method for creating the X509 certificate and p7B certificate based on the ID selection.

Type of Method

POST

Request URL

Request Input Parameters

Parameter

Presence

Data Type

Description

signature

M

String

CSR file has to be generated and signed with PFX shared by us.

Pass Signed CSR data i.e., PKCS#7 data.

userName

M

String

You need to pass username that is registered with emCA for API process.

password

M

String

You need to pass the password that is registered with emCA for API process.

profileID

M

String

Pass Certificate profile Id to be used to create x509Certificate and CreateP7BCertById.

subscriberId

M

String

Pass the Subscriber ID.

validity

O

String

Pass the validity in the form of (Days : Hours : Minutes : Seconds)

Days – 36135 (maximum days)

Hours - 23 (max hours)

Minutes - 59 (max minutes)

Seconds - 59 (max seconds)

to create certificate with the given validity.

validFrom

O

String

Pass the validityFrom in the form of (Days : Months : Years : Hours : Minutes : Second)

sANValues

M

String

Pass sANValues to be used to createx509Certificate and CreateP7BCertById. Example:

subjectDNOids

M

String

Pass subjectDNOids to be used to create x509Certificate and CreateP7BCertById.

Example: “2.5.4.3|Test~2.5.4.6|India~2.5.4.8|Delhi~2.5.4.7|te st~2.5.4.5|77686868687~2.5.4.10|Personal~1.2.84

0.113549.1.9.1|test@gmail.com~2.5.4.12|test”

isP7BRequest

M

String

Pass “true” for p7b Certificate and “false” for .cer Certificate.

applicationId

M

String

Pass application ID.

Sample JSON Object

requestData	
	{
  "csrData": "MIHbMIGBAgEAMA4xDDAKBgNVBAMTA0NTUjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABAIKJFi11G9g53gaUOPNTquh3qFgyfJr5rX4CvZ+P3OrI/GAdSSs81WmZvljrzdyuJjo4cd0zfroFcJnUnmlIb+gETAPBgkqhkiG9w0BCQ4xAjAAMAoGCCqGSM49BAMCA0kAMEYCIQCDSGcQ7SWenQ2DrYGZOeMQFN9ezd3kZWgZoWYskerWGQIhAMu2UJeZe/Is21mmq3uGEHFyVJYG+ToAeMBHNWtjjZXu",
  "isP7BRequest": "true",
  "profileID": "3",
  "sANValues": "rfc822Name=arjun.kb@emudhra.com|dNSName=www.emudhra.com|iPAddress=10.80.106.78|registeredID=2.10.100.2.4.5",
  "subjectDNOids": "2.5.4.3|abhishek~2.5.4.4|kumar~2.5.4.5|DHYVK6543F~2.5.4.6|IN~2.5.4.8|KA,2.5.4.10|emudhra~2.5.4.11|ESS",
  "subscriberId": "2132131",
  "validFrom": "12:11:2020 12:23:45",
  "validity": "365:12:45:45"
" applicationId ": "23123123"
“isSignedData”  : “true/false”
}

Parameter

Presence

Data Type

Description

requestData

M

String

All the request input parameters mentioned above should be converted to JSON object and encrypted with AES 256 key shared with you by the emCA team.

Pass Encrypted JSON Object.

userName

M

String

You need to pass username that is registered with emCA for API process.

Header Details

Key

Presence

Value

Description

Application / JSON

M

Content-Type

Type of request should be in JSON Format.

Authentication Key

M

emKey

emKey is an encoded key (Refer section 4 for generating Authentication Key using command prompt).

Sample Request Data

Header: 
              Content-Type : application/json
Request Body:	
                        {
"requestData" : "yg3WSoOKkUHHfqMYb3aB+rF4+UjSvkp04Wx5i8TIxnFkwy13yGaeIqNz1FuqcXW684dSymXudK2SJK/AuV6p/jNwtjtbVIRT+98y/8+GC3GvbFVF7oPGtbhF54nLdkBQyt1ntdSmpUies/y4RdG++kEPubkNGGGdb6gezlHU5JuNwvUljhmAtzXhYlP+2tJ3ZexxQju30IkQ6+c7XmcWbG3Whu8Ky26WF/IQ12maEsnoWI7T0t3zzH0kyIgo96IYye8MXbcF1LiYoBDLkSurDQPm9pdHR8kF4stwK5OgM3+x6Jt0sX/UbrMZA1SzfAmFTDRr6L7OFVwn9b8UTQMJA3Chk8hG2XI2QG7dqPkdHK2vTGqjKve4Hxegr0kIizJAt60DhaH9dD2D7wLeGR59snGhpo8QzOJHWhvgA5HuHTR7HF3qQ7KphYBol3v8IIKKBiNXC8GNyGtqJIUy3FxlQFPBgtdAcOr9y0Ors/tuatnhQCODYJ7ixQHlwWUcIFNqTp+TQvKlWRn3KXbYVrWsc0VzdNLdbf/BC9cKMfuaJcIMVdlN66FbLfNi2TtQXbyr4u+e86x0Vgy7NLYnK5nKreyUseiz9WBSZxM0S8m7rUNdYuh7dIs11Jab8AAYeCwMXWJnQliRp2wrESA24C6hia5qj34NmDEW5LLz9dxmbZ/ywie/c+gWDEer7MLAujFTZQJ8ouyiJ1Qr5muHgE9G3EsCFYvrDjxKJxvxMPm0Qi0JJT5yw0c+hWhGb+MAwslCLc5YyflR6wmK6qNV9gedD7fawPl1qgqqJTz+M1J2Egz6qYSXVWdr8GCbqoMxkxUWQkceMFkBhpTSF5pn5eDPUJ+Ly1RSqCouGgpA7qOGRDRK5TLxqQlfD9TCbV5X+Q1TygvuhuWLF5GEwFrQD01Pj6OdJZ+XdWCpL/vpEMcTX+MKo3VrCAu7R1K13wbjiqNKYI60PXxqXA+Cv+rE5zZB4Tj6OLquws9TE160MFmq4u0ET3V0O1HIFk1TrhMbeWzr4JrxhkWDti4AAbbKgXcUkh90SqlypybH9uSftxjaw6/OnMeKuayAMrCFi9C+yeRoA5d+xp1GMXA4bXSXQ4SBIOon4gf3KgjKGf3GHogbEPGkdtS9PMF8EYcfOtNs7eHztbz8RPbdnS7+4U8OsEj5YbWFXF97MqLZw9YyJP+CSs19cL4j2HSxCo0404dY07ZUdU3Kjua60JtqGFeJoZVwAWSa4CIeEhumsskY8YK9+1nTev1ynPmNYL3owrNOOPrJlOvZu5X9A69xz603LaeI2mUIMT/EPK98ViuLxET/KigWxfZJu638GPeSah0RdbMJjB/B6oUoB1Fd0zftytImyIIRmr7P/3XSTq2kS3rOJ9edHloFu8PmYGwfJu6wk/aQGQxvcS51wbnXexUSTWxo1EzgrUSwc10gxMRbIt28QlqeLNePTKqmDXzA7NvJDyJ7OPRprdLaTGdAyKPlDBIgWMODCqvkDIqayRRpls1XfvF1CJJyMHzL49ffYRa90B2TG3YVSCOkn+V77JYpND47xByXs8ybO1J6VGiDN/GvsEvI/HL90BkFXKtOfrygSrPILJ9ve1R1FrvTTg1sEyT2neIePXUPFXT6VtFyoA63uQgzGgVZut5r8yerrMHcjY4pukYIvbtBN94gvVhR3zCM9959ADzlx6gNw6Gk5ULLG8zICvxxotD8yPEG2vZ920GUysyyLkhy7eVGfs28iRMLrBv15FiSIW9VvB3IxUOCKn1CEQXU3abGge85bs0sAQl+I5lRNQCdaaATdltFdw9xQ4m+BNZsgGOB1kcBnD6Nxcsaeyat3f0200DyLLGAnzgmj77F+pLDJaZCnu2TjwumcNpEBOataNbaia/HVFBOyCDebgYsEqaTQpXlyUtFHPK/NyaRdjgF08p8Sg1BoYI8bcuKiYdilh6C66xHkI/znXIj1NEiPgiWFcv6usjifiQpXjPZ7TPh9lxAgA2TDMNBjcuZN40oIbyX7Z22aqlM317jP3LeH3igBngUsESTiKeU6oC9uAoa1B1Vo5M6DobOW0Sku3S7oXzZPc89fbL1fRn9LDu05N/EWf/dp0TB99lBYKUFDTWT/JNuJgHYLSExDGB73QKybr8IA1uSVgW55NwD8s6DJ2rpCGu8UiGXLf6t2x+tdXzhG8kPFyNRjMbT+v8DnQMtcBCXZOfNqaYqW1TohA6K0/PBc+8y+0RlHuyMZXKqO58TUp2vZVrXl6UMdslcNHkGSUC7mn0cwcupxrPuLWtgdiDMaU78z75hSdI+bjDuELDrbYJ20pBi1rzTa8e56HfuQ+HEMyfhF7J3BCcgZ1MKKTb5JHssLqn3MDzuS96mX7flEqOhObLRFDk3GGahuF7fTyIhOuxEb/jX5x8BKvt6/fLqc6i3h0LsrMp3NdoAKGn8qQMuDqtVHkyOVJdFB7imQR+D52YbvWhWtsg1icQ8bGMdmtsLuB3xHpHZa0rfZ783DLoDtQRWo85m3PYXXP9y8p3sYBTyZGrcRdFLCm9q4wSFDpm6Glj7QphhvvxmOywUD1K4x4dnVTy+fshyZGAwrK58QRzHMXHVVvU62cawftL/XK7RsaQt6YyVVkzCBu2evBmQAUJQWhG1OetwLH/+jo9zpvZs4p8nrUJzAnv5XiT66XOOAvZuGEs6VGQ4xewGLDwxfsdCrCrD4XP8LBsWXkK+9m+oqKczanmL8X5weMpPbwLTPmJJHA5OmWkT3WA9XWr8q8S3l9OwgcdDpszLeVaDLTAFWJJahkiWfemIjTaYjTCMvKKiN7ZU6MBRL3QKCYYnrSArxQR81C5ACa451bLik8EvU5yrE3B8vZE/biswpDQKJzfRNXBUC73hRm2zq44etI0ZOvlzEux/I3wzLZ2A4xUeiSguY8osLJTbh5mMR5MZrFzlzVx/7XnmqABwQGS364sddgMWZ600cO722SF6575bFSneXHFfr04+fCsCgEdT3X0m4C8DbCf1aGqmB74cgFuLrLa95GdRaD6uXn+GcsUNsJY0elxvhmOXfurIhmUOxAwmUlTLk1Bav0UYVNHn+jZdXvdrHvbQ+zqkkD3NmxgUe0M8rCgTxHXhjfJgoRfitHxUh52mokl3plFRpik+RG1RNUZsfjAxwXSuwhyQ0Pn9pd76FBnQI7rxuKIJZL9+fYHv7WvQLUrC0aHytTK6TKQZbnLa0MkuirpP8GvGwsbC37ONs72q7rRFdzssVG+qiYMVXJfQeXYMJE6l3vtNZQd1/hQO5Hsb9Ew1P5md2+uNB1AQX9FPFZWfM8NVvaooWhCXnBRzeNrWYtAPobVpUwcoXKMwP/xKaFj55O7oJbZLkrzPnL+blh4ddOFrs7Fmf18pNmvxVkNKSaB62qDCiagYhBBY+bf2Mo0um/t45qc0G9nthQwwwSBrb4Lt52C/XD/WCavdxWI83RO5845mYaHe8PE/xJn8ij3xYCzY8MFg0zFbKb4RsXCmC0svqiUB1gkHqJSNHB02AzTl8xekfZGRAq9/5ULJu1PWO9d/R3zcItDUxWnhCwZAdJAaDOTZefQd92OIGkA6p/LjJOKUPkCGf2/1HjsBpqDJzXab+ym15bowVae41s/B5LG1ilpupvb9A04OOE/DdbrP6uc0AxcEZHxNqYkkjTdcrLw5LyB7/6NE8bKJqQ0AdXGNPZCBIqp3BUNtkMLBVTtGzPSYkzzz4FuhZ+DpDwk0NodWAqXgwD3v0qkj0x5UjrCPWSGhYrDAI94loyk4XpW/GZAM6f7SOVWJLwY+DYliq+d2uA/kOJuo9AUn10DLg/QwycN4SbtSgljAbCnddWAlY2YfJBH+y72e88Iy/dg3jGfUzT7B05LuS2V0gA2n50eu/bSdxaa+ZSUu2kVyZFF9mKjwt9I0IRS6yr66ZFqXAisiSgVFLvOjxEme1oCS7ki1X6oNjrHBrFM5B6ot+O2eb93VdBp+ivW/KHLHM7ZaFrk1kjvKyatn/VHtnEQU+WofD/OgwkiGH/+nLg7fa6mew46jGaJ9z5HeA5ZF4BhQuUmVgsh5KR32VLy/3K0rqV28qV1q8E8r7SyZl6KGJWK6xhFY8LO7CocrQA=="	
		}

Process

  • When request is received by emCA service we will decrypt the request JSON Object with same AES key that is shared to the client.

  • After successful decryption, request JSON object (Signed CSR data+Username+Password+ Profile Id + Application ID + Subscriber ID + Validity + Valid From + isP7BRequest+ SubjectDNiods+ SAN Values) is retrieved.

  • First emCA service will validate username and password and check if the IP Address used for request and registered with the user are same.

  • If request is registered with same user, then we check if the certificate is already created for requested applicationId or not.

  1. if certificate is already created for applicationId then return existing certificate.

  2. if certificate is not created for applicationId then we create certificate using next step.

  • If it is same then signed CSR data (signature) is validated by checking whether CSR is signed by the same PFX file which is registered for the specific user.

  • If validation fails at any point in processing the request, the emCA service will throw error/failure message. (Refer error messages section)

Response Parameters

Parameter

Data Type

Description

response

String

Returns JSON Object

JSON Object Contains below parameters

Parameter

Data Type

Description

status

String

Returns Status of the request as success if CSR is signed by selected certificate profile id and generates x509 certificate.

Returns status of the request as failure if authentication fails or unregistered user tries to call the API

result

String

Returns

In case of success: base 64 encoded x509 certificate data

In case of failure: Error message will be displayed.

subscriberId

String

Returns Subscriber Id

requestId

String

This is used in another API where Is Manual Authorization Enabled is checked from emCA application. In this case one request ID will be generated that user has to provide to create certificate from another API

OR

This is used in another API where Is Manual Authorization Enabled is checked from emCA application. In this case one application ID will be passed by user while user requests for certificate creation through another API.

Response JSON Format

      Sample:
Success:
      Response Body(Is Manual Authorization Enabled is “not“ checked from emCA)
     {
      "status":"success",
      "result":"base 64 encoded x509 certificate  data",
      “subscriberId”:”XXX”
      "requestId": null,
      “aliasname”:null
     }	


Response Body (Is Manual Authorization Enabled is checked from emCA )
{
  "status": "Success",
  "result": " request accepted successfully ",
  "subscriberId": "XXXX",
  "requestId": “XXXX”,
   “aliasname”:null
}	
      Failure: 
    {
    "status":"failure",
    "result":"<Error message>"
    “subscriberId”:null
    "requestId": null,
   “aliasname”:null
     }

Sample for base 64 encoded x509 certificate data

" MIIHCwYJKoZIhvcNAQcCoIIG/DCCBvgCAQExADALBgkqhkiG9w0BBwGgggbgMIIB+DCCAWGgAwIBAgIRAMXqvbqIkM14Ii3WJq25AFswDQYJKoZIhvcNAQELBQAwGzEZMBcGA1UEAxMQUm9vdCBDZXJ0aWZpY2F0ZTAeFw0xOTEwMTcwODMxMzdaFw0yMDEwMTYwODMxMzdaMBsxGTAXBgNVBAMTEFJvb3QgQ2VydGlmaWNhdGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALAEsaioS62rcpQdrH8BkUq/bsolxNXGvWWubGk/DbR1WxATWA0z59klKbmFYIF96jfEQBAPIo/yzWcE+aFDIRvA7Myv3luHUygID7XglxhKSGXJh+aKdqT1dIVxQbVUKBa8wHPhWCOT0peyfvHBmJhOMRya72fLQpGzBBpvata7AgMBAAGjPDA6MAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgGGMB0GA1UdDgQWBBQl5oIKM70kfhb1S2Ax9PllaXA6nDANBgkqhkiG9w0BAQsFAAOBgQCb7Eww4xbwejNc1jWkQLLjqv7d0l20UbSRgx7zmBS6RSCBEOjjDpfEABxoqZFGEtNKcGPD5Mb2TUvxvPHZ43f9YDHr2p2mFPLTujksnfxiYUz3/Ri5oimiRuq/ZofBk2OOjWZBSJA4xtkQetkcebCAZQMHTyDx3KiZTk8V6SgyCzCCAkEwggEpoAMCAQICEQDwZoddkxrT3xRaOVr0nyA7MA0GCSqGSIb3DQEBCwUAMBkxFzAVBgNVBAMTDkNBIENlcnRpZmljYXRlMB4XDTE5MTAxNzE0MjUzMVoXDTIwMTAxNzE1MjYzMVowDjEMMAoGA1UEAxMDQ1NSMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEAgokWLXUb2DneBpQ481Oq6HeoWDJ8mvmtfgK9n4/c6sj8YB1JKzzVaZm+WOvN3K4mOjhx3TN+ugVwmdSeaUhv6NaMFgwCQYDVR0TBAIwADALBgNVHQ8EBAMCBsAwHwYDVR0jBBgwFoAUnLzcLQkzbcxUG+xkOleUAaDzbc8wHQYDVR0OBBYEFC+hnr5YkQaRLDCRYbwKLjVhLTtuMA0GCSqGSIb3DQEBCwUAA4IBAQAgeWLCXtCTcw76HhgkYoBb57Ec+qSIuj9HzQzHxhm1WegvdRGXGuOWU7BBBJv15Kp02bCqesns6Wd6C1ye//ctUiOGByvpLb5PVEKVLw/yUEOVYrYxTF5ZrVKNYaRv+BBIcJG5GgsSMzHSd+kZ0Q6uQ9BE8AuJhJ90k/QrnJIXC2DNe71K1X5JIUc6HnZE54djSI/LDg/e7KXiY4oGhNQpn91DSGwGmxVWM0DTwpepHrgCHXic8E1leyz6yEH9+wLKy+bWRX5/38smBDVBCSCfvxgoXGtIDzfNzezp6aqWQCUsGrTZlCaLuiTviA9gPRcPHB7JoLPII5o+Mpv94ndkMIICmzCCAgSgAwIBAgIRAN4bMCUOfRJDHbNXnOWob6EwDQYJKoZIhvcNAQELBQAwGzEZMBcGA1UEAxMQUm9vdCBDZXJ0aWZpY2F0ZTAeFw0xOTEwMTcwODM0MThaFw0yMDA4MTIwODM0MThaMBkxFzAVBgNVBAMTDkNBIENlcnRpZmljYXRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjo2hy1C4v1ij49tYY5QF/OK1YdFAQ4lTZzdqMNsLX2zEoqSvsiYogn7elC/vWlfp13q6cpIWWpMLx26UD+aClaSfl3D9X5fpGL/BjWriszYWhI9yW5PsLAY//W0X4CSkUfoKEX24Ntk+BF/8zpUvVKEBYCznPEZG2NcLEakB7zCfZQuwLmcYQ16oEhC1WasDcGMMAdSyiy8Fd0SjoSV+/cI5jDM81yJMpp+GdhwLQsGfcfJLHg7boGR/L9r/YMP0D2LR1FdF7PGbtGhvP7xabxbRaJsrlwieqi/FqVAWagMEJTzowBMpj0YIkA4x+z7qBc2M/S4n04t1L7xc3RQxQIDAQABo10wWzAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIBhjAfBgNVHSMEGDAWgBQl5oIKM70kfhb1S2Ax9PllaXA6nDAdBgNVHQ4EFgQUnLzcLQkzbcxUG+xkOleUAaDzbc8wDQYJKoZIhvcNAQELBQADgYEAm/v5DdSGGLaALG5S7sQj0ycxIZ1UyKMzdk+UEofD3b9A4FXFKi4u/8VkEwo+qSvSKt6FPWWnH7QzcTdXJUiTP5vMcyPnGjpGh58gBI9PMvPn3+A+mn27s6b8lLXJlR0P+qWHvcWXw7oRYkpTtsBLPWWe1fLHa6KIf85CoD/Ikb8xAA== "

Error Messages

Error Message

Description

<profileId> profile does not exist

If the given certificate profile Id is invalid

Please enter valid data

If the signature parameter (CSR) contains an invalid CSR or if the CSR does not contain the required details of the selected certificate profile.

Signature verification failed

If signature parameter (CSR) is not signed by the pfx shared by eMudhra

Invalid validity

validity should be in proper format dd:hh:mm:ss e.g: 120:23:45:54

Invalid From Date

Invalid Input: From Date should be in proper format dd:MM:YYYY hh:mm:ss e.g: 12:12:2019 00:00:00

isP7BRequest

enter true for p7bCertificate and false for .cer certificate

8NSName=www.e xample.com|iPAddress=127.0.0.1|registeredID=2. 10.100.2.4.5"

http://www.example.com/emCAServices/rest/createCustomerCertificateById
"rfc
22Name=test@gmail.com|d