LogoLogo
  • emCA Certificate Manager
  • Introduction
    • Summary
    • Key Features
    • Key Components
    • Architecture
    • Use Cases
    • Security
    • Role based Access
    • Licensing
    • How emCA Works ?
  • Release Versions
    • V4.2.6
    • V4.2.5
    • V4.2.4
      • User Manual
        • CA Administrator
          • CA Admin Login
          • Dashboard Page
          • View CA Hierachy
          • Manage User Certificates
            • Search
          • Manage CA Certiifcates
            • Search
          • Manage User & Roles
            • Manage User
            • Create New User
            • View Groups
          • Reports
            • Application Logs
            • CRL Report
            • Certificate Statistics
            • All Certificates
            • Active / Revoked / Suspended / Expired Certificates
          • Application Settings
            • Manage License
            • Manage Authentication Matrix
            • Certificate Features
        • Administrator
          • View Hierachy
          • Manage Profiles
            • Manage Certificate Profiles
              • X509 certificate profile
              • Create CVC CA certificate profile
              • Create EMV Certificate Profile
            • Manage Key Profiles
            • Manage CRL Profiles
          • Manage User Certificates
          • Manage CA Certificates
          • Manage Keystores
          • Manage Users & Roles
          • Reports
          • Application Settings
          • Setup & Registeration
          • External Applications
          • Mail Settings
          • Manage Certificate Features
        • Officer
          • CA Hierarchy
          • Manage User Certificates
          • Manage CA Certificates
          • Manage CRLs
          • Manage EMV Certificate
          • Manage EMV CRLs
          • Manage Keystores
          • Manage OCSP Certificates
          • Recover User keypair
          • Reports
        • Auditor
          • CA Hierarchy
          • Reports
      • emCA_Deployment_Document
    • V4.2.3
      • User Manual
        • CA Administrator
          • CA Admin Login
          • Dashboard Page
          • View CA Hierachy
          • Manage User Certificates
            • Search
          • Manage CA Certiifcates
            • Search
          • Manage User & Roles
            • Manage User
            • Create New User
            • View Groups
          • Reports
            • Application Logs
            • CRL Report
            • Certificate Statistics
            • All Certificates
            • Active / Revoked / Suspended / Expired Certificates
          • Application Settings
            • Manage License
            • Manage Authentication Matrix
            • Certificate Features
        • Administrator
          • View Hierachy
          • Manage Profiles
            • Manage Certificate Profiles
              • X509 certificate profile
              • Create CVC CA certificate profile
              • Create EMV Certificate Profile
            • Manage Key Profiles
            • Manage CRL Profiles
          • Manage User Certificates
          • Manage CA Certificates
          • Manage Keystores
          • Manage Users & Roles
          • Reports
        • Officer
          • CA Hierarchy
          • Manage User Certificates
          • Manage CA Certificates
          • Manage CRLs
          • Manage EMV Certificate
          • Manage EMV CRLs
          • Manage Keystores
          • Manage OCSP Certificates
          • Recover User keypair
          • Reports
        • Auditor
          • CA Hierarchy
          • Reports
        • Operator
          • CA Hierarchy
          • Backup
    • V4.2.2
      • User Manual
        • CA Administrator
          • CA Admin Login
          • Dashboard Page
          • View CA Hierachy
          • Manage User Certificates
            • Search
          • Manage CA Certiifcates
            • Search
          • Manage User & Roles
            • Manage User
            • Create New User
            • View Groups
          • Reports
            • Application Logs
            • CRL Report
            • Certificate Statistics
            • All Certificates
            • Active / Revoked / Suspended / Expired Certificates
          • Application Settings
            • Manage License
            • Manage Authentication Matrix
            • Certificate Features
        • Administrator
          • View Hierachy
          • Manage Profiles
            • Manage Certificate Profiles
              • X509 certificate profile
              • Create CVC CA certificate profile
              • Create EMV Certificate Profile
            • Manage Key Profiles
            • Manage CRL Profiles
          • Manage User Certificates
          • Manage CA Certificates
          • Manage Keystores
          • Manage Users & Roles
          • Reports
        • Officer
          • CA Hierarchy
          • Manage User Certificates
          • Manage CA Certificates
          • Manage CRLs
          • Manage EMV Certificate
          • Manage EMV CRLs
          • Manage Keystores
          • Manage OCSP Certificates
          • Recover User keypair
          • Reports
        • Auditor
          • CA Hierarchy
          • Reports
        • Operator
          • CA Hierarchy
          • Backup
    • V4.2.1
    • V4 .0.17
      • Open API Specifications
        • Prerequisites
        • Process for calling emCA API
        • How to Generate an Authentication Key
        • How to Generate Signed Data (PKCS#7)
        • How to create JSON Object before Encryption
        • How to encrypt JSON object
        • How to generate a request JSON Object
        • API Methods
          • API Method -createCertificate and createCertificateP7B
          • API Method -createPKCS12
          • API Method -getCertificate
          • API Method - revoke
          • API Method - verifySignature
          • API Method - createCertificateById and createcertificateP7BById
          • API Method - createPKCS12ById
          • API Method - reinstate
          • API Method - suspend
          • API Method -rekey
          • API Method-getCertificateByRequestID
          • API Method - createCustomCertificateById
          • API Method - getExpirySoonCertificate
          • API Method - getProfileinfoByProfilename
          • API Method -getCertificateProfileList
          • API Method- createCertificatesByIdWithMultipleCsrData
          • API Method - getPKCS12
          • API Method - createeSignCustomCertificateById
        • ePassport Certificate API Methods
        • emClient.jar
        • SOAP Information
        • ACME Protocol
        • CMP Protocol
        • EST Protocol
        • SCEP Protocal
      • User Manual
        • View CA Hierarchy
          • Delete Certificate and Keypair
          • Search Certificate
          • View Certificate
          • Export Certificate
        • Manage Profiles
          • Key Profiles
            • Edit
            • Key Profile Creation
              • Create HSM Key Profile
              • Create PKCS12 Key Profile
          • Certificate Profiles
            • Certificate Profile Creation
              • Create CA Self Signed Certificate
              • Create User Certificate Profile
              • Create OSCP Certificate Profile
          • CRL Profiles
            • New CRL Profile
        • Manage User Certificate
          • Enroll
            • Generation of Soft Token Certificate
            • Generation of Hard Token Certificate
          • Revoke/Suspend
          • Reinstate
          • Search
          • Sign CSR
          • Manual Authorize Certificates
          • SCT Request
        • Manage CA Certificate
          • Enroll
            • Create Self-Signed CA Certificate
            • Create Sub CA Certificate
            • Create OSCP Certificate
            • Generate Signing CSR
          • Manage CA Certificates
            • Search Certificate
            • Import Certificate
          • Revoke CA Certificate
          • Search
          • Sign CSR
          • Import PKCS12
        • Manage CRLS
          • Create CRL
          • Update CRL
          • Download CRL
          • Scheduler Configuration
        • Manage OSCP Certificates
          • Configure OSCP Certificate
          • OSCP Configuration
        • Recover User Keypair
          • Recover
            • Key Recovery with new Password
            • Key Recovery with old Password
        • Manage Users and Roles
          • Manage User
            • Create New User
            • View all users created
            • View individual user
            • Deactivate user
            • Activate user
            • Renew
            • Delete User
          • View Groups
        • Reports
          • Types of Reports
          • CRL Reports
          • Certificate Stastics
          • All Certificates Reports
          • Active Certificates Report
          • Revoked Certificates Report
          • Suspended Certificates Report
          • Expired Certificates Report
        • Application Logs
        • Backup
          • Manual Backup on Local Server
          • Manual Backup on Remote Server
          • Automatic Backup on Local Server
          • Automatic Backup on Remote Server
        • Backup Restoration
        • Dashboard Features
          • View all Active CA and User Certificates
          • View Revoked CA and User Certificates
          • View all expiring soon CA and User Certificates
          • View all CRL-based Certificates
        • Application Settings
          • Manage License
          • Setup and Registration
          • External Applications Onboarding
        • Manage Key stores
    • V4.0.13
      • User Manual
        • View CA Hierarchy
          • Delete Certificates & Key Pair
          • Search Certificate
          • View Certificate
          • Export Certificate
        • Manage Profiles
          • Key Profile
            • Edit
            • Key Profile Creation
              • Create HSM Key Profile
              • Create PKCS 12 Keyprofile
        • Certificate Profiles
          • Certificate Profile Creation
            • Create CA Self Signed Certificate Profile
            • Create SubCA Certificate Profile
            • Create User CA Certificate
            • Create OCSP Certificate
        • Manage User Certificate
          • Enroll
            • Generation Of Softtoken Certificate
            • Generation Of Hardtoken Certificate
          • Revoke/Suspend
          • Reinstate
          • Search
          • Sign CSR
          • Manual Authorize Certificates
          • SCT Request
        • Manage CA Certificate
          • Enroll
            • Create Selfsigned CA Certificate
            • Create Sub CA Certificate
            • Create OCSP Certificate
            • Generate Signing CSR
          • Manage CA Certificates
            • Search
            • Import Certificate
        • Revoke CA Certificate
        • Search
        • Sign CSR
        • Import PKCS 12
        • Manage CRLs
          • Create CRL
          • Update CRL
          • Download CRL
          • Scheduler Configuration
        • Manage OCSP Certificate
          • Configure OCSP Certificates
          • OCSP Configuration
        • Key Recovery
          • Recover
            • Key Recovery With New Password
            • Key Recovery With Old Password
        • Manage Users & Roles
          • Manage Users
            • Create New User
            • View All Users Created
            • View Individual Users
            • Deactive Users
            • Activate Users
            • Renew
            • Delete
            • Export All users
          • View Groups
        • Reports
          • Features
          • Types Of Reports
            • CRL Reports
            • Certificate Statistics
            • All Certificate Reports
            • Active Certificate Reports
            • Revoked Certificate Reports
            • Suspended Certificate Reports
            • Expired Certificates Reports
        • Application Logs
        • Backup & Restore
          • Backup
            • Manual Backup on Local Server
            • Manual Backup On Remote Server
            • Automatic Backup on Local Server
            • Automatic Backup On Remote Server
          • Backup Restoration
        • Dashboard Features
          • View All Active CA and User Certificates
          • View Revoked CA & User Certificates
          • View All Expiring Soon & User Certificates
          • View All CRL Based Certificates
        • Application Settings
          • Manage emCA Authentication Matrix
          • External Application On-Boarding
        • Manage Keystore
  • Deployment Models
    • Single Instance
    • High Availability Deployment
    • Hybrid Deployment
    • Cloud Deployment
    • List of Prerequisites
      • Installations
        • Token Drivers
        • emCA Websocket
    • emCA Deployment Guide
      • Prerequisites
        • Other Prerequisites
      • emCA
      • emCA API
      • OCSP Core
      • OCSP Responder Web
      • TSA Core
      • TSA Web
      • Scheduler
      • DB Password Encryptor
      • emCA Initial Setup
      • Copy of emCA Initial Setup
Powered by GitBook
On this page
  1. Release Versions
  2. V4 .0.17
  3. Open API Specifications
  4. API Methods

API Method - createPKCS12ById

PreviousAPI Method - createCertificateById and createcertificateP7BByIdNextAPI Method - reinstate

Last updated 1 year ago

Purpose

Use the “createPKCS12ById” method for creating the PFX certificate based on the profile Id selection.

Type of Method

POST

Request URL

Request Input Parameters

Parameter

Presence

Data Type

Description

signature

M

String

Need to pass (Subject DN details, key algorithm & size, PFX password) should be signed by the PFX which is shared by us.

Subject DN details should consist of the below mentioned fields

·CN *- CommonName

· SERIALNUMBER - serial no

· E - email address

· O- Organization

· S - State

· C - Country

· PostalCode – pincode

· 2.5.4.51 - houseIdentifier

· OU- Organisation Unit

· 2.5.4.65 - pseudonym

· STREET - Street Address

· Phone - Telephone Number

· T – Title

· UID - Unique Identifier

KeyAlogirthmAndSize* - RSA-1024 or RSA-2048

Password*- generated pfx password

You need to create string combining the subject DN details, Key algorithm and size, password. Each separated by comma. Refer below example.

For example

CN=Test123~SERIALNUMBER=04f85bdd24773b66e0bf16b0f59194c78855c7ffcb7c3cf40dce71ba4ff1e91~E=test987@test.com~O=eMudhra~OU=ESS~S=KARNATAKA~C=IN~PostalCode=570004~STREET= Bengaluru~ HOUSEIDENTIFIER=3-88~UID=test877~PSEUDONYM=test098~ PHONE=0123456789~TITLE=Mr~2.5.4.4=kumar~rfc822Name=arjun.kb@emudhra.com~dNSName=www.emudhra.com~dNSName=*.emudhra.com~iPAddress=10.80.106.78~iPAddress=10.80.106.79~registeredID=2.10.100.2.4.5~KeyAlogirthmAndSize=RSA-2048~Password=eMudhra@1

userName

M

String

You need to pass username that is registered with emCA for API process.

password

M

String

You need to pass the password that is registered with emCA for API process.

profileID

M

String

Pass Certificate profile name to be used to create PFX file.

subscriberId

M

String

Pass the Subscriber ID.

validity

O

String

Pass the validity in the form of (Days : Hours : Minutes : Seconds)

Days – 36135 (maximum days)

Hours - 23 (max hours)

Minutes - 59 (max minutes)

Seconds - 59 (max seconds)

to create certificate with the given validity.

validFrom

O

String

Pass the valid from, in the form of (Days : Hours : Minutes : Seconds).

applicationId

M

String

Pass application ID.

Sample JSON Object

Header:
Content-Type: application/json

Request JSON Data:

{
"signature" :
"MIAGCSqGSIb3DQEHAqCAMIACAQExDzANBglghkgBZQMEAgEFADCABgkqhkiG9w0BBwGggCSABIGLQ049
dGh1bGFzaSxTRVJJQUxOVU1CRVI9QVZBUEc0MjAxQSxFPXRodWxhc2kuZ0BlbXVkaHJhLmNvbSxPPWVtd WRocmEsUz1LQSxDPUlOLFBvc3RhbENvZGU9NTYwMTAzLEtleUFsb2dpcnRobUFuZFNpemU9UlNBLTEwMj QsUGFzc3dvcmQ9MTIzNAAAAAAAAKCAMIIDpjCCAo6gAwIBAgIDTEtBMA0GCSqGSIb3DQEBCwUAMHQxJTA
jBgNVBAMMHENlcnRpZmljYXRlTWFuYWdlciBSb290IDIwMTYxGDAWBgNVBAoMD2VNdWRocmEgTGltaXRl ZDEQMA4GA1UECwwHZW11ZGhyYTESMBAGA1UECAwJQmFuZ2Fsb3JlMQswCQYDVQQGEwJJTjAeFw0xODA1M DMwNTUyNDNaFw0yMDA1MDIwNTUyNDNaMCgxFzAVBgNVBA8MDkF1dGhlbnRpY2F0aW9uMQ0wCwYDVQQDDA
RyYWNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm4k/r47G8+eRm/zftRSwxg8koTXLEHG JF5MKJZjUsPweASFbxxcj1RwixCHaAP75n3u0JCOFBuOVDMlPMu47j9w+x6jig3IMdVhPo6/rU7Z75Gtw FQDvhLZhoz2VMrSThfjvhaYEiOYy4uhC7sXOVedCw3rFylFtbljgwgnPC6Rp75TesIKj1l+9dZY08OxyI CNUNluztcMOXDqk68rtzbZfPvtfH4msDpyUoJL7XmBwbXF7UMiISlCiSvqpjYyBsu+tPxuOpgxlGbyJGm Wfi9D7Nzg4a8SBW6NrRWhtGASUj+/SaJpH0LI5wTrmMri8vJ2r2LHyi0zdpk+9S8u3vwIDAQABo4GMMIG JMAwGA1UdEwEB/wQCMAAwIgYDVR0jAQH/BBgwFoAUgrVRaCBCfAEiYlkr6rtaEbNDgsEwIAYDVR0OAQH/ BBYEFJ4vM/W+gFWsqBapUx9p7OSBQfDbMA4GA1UdDwEB/wQEAwIEsDAjBgNVHSUEHDAaBggrBgEFBQcDA QYIKwYBBQUHAwIGBFUdJQAwDQYJKoZIhvcNAQELBQADggEBAENZq6xWQGZE+cwOD0CigiZYQqDRBpeMW1
hhtlo7isiKWAlllAZ60aHZ2pMAO30VVwvifEjDv2QvCe+IA5d6x/SIBt0f/FypZj6T4vY6h6Hcaks7zI3 gozMCCuHBeBS/wA7LPwyxkxxFwUzDeJkLYfmkFQH6HN2OT3BqY3cA2Qon/NHRdCc5vvY9pbSR0j4y/2wX qzROIyYjXt3U2z/IL1pkDlmpDmYzbafdIlCJ6xyFOKNRoLp6QiGTZNs5UaVPnxMOvsh2sA1EirFFsRiDB J6ycrAjff9ls4oIc5gpgp7TArXbogFP1lw5j8nj50se46Bv0aQ0D4WdThCljcC6xQMAADGCAhEwggINAg EBMHswdDElMCMGA1UEAwwcQ2VydGlmaWNhdGVNYW5hZ2VyIFJvb3QgMjAxNjEYMBYGA1UECgwPZU11ZGh yYSBMaW1pdGVkMRAwDgYDVQQLDAdlbXVkaHJhMRIwEAYDVQQIDAlCYW5nYWxvcmUxCzAJBgNVBAYTAklO AgNMS0EwDQYJYIZIAWUDBAIBBQCgaTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJB TEPFw0xODA4MDgxMDU3NDFaMC8GCSqGSIb3DQEJBDEiBCCRCU2QQn8vWt9lA+SkB/8weIKlUaHaSgmDqE
4GCgQZ0TANBgkqhkiG9w0BAQEFAASCAQAIjlSTHf+7EXSUuFV7S57vDdYyu5AhE5iJ2dJl03zo/Bc62yM RgWGPpLSTFBjo8102VQIACxfudcCNoV1pfPkTxTyhe/rMv/VnWaMcLLrJZ0JRu7WZgrfHkBZ7p1eIv6LR t/nja93Fuc2M8Jl8B00DeQDNkyjnIN3gVS+0Hr8/ZIfClYa3huxfm8h1PeQHupaZ53UZKONLe7rRVVJGI A2IZwRkXcxk/2Z47qw1hUFvtXokQBbqOj1rDhL3Dh6pOsU9XbXTKGXzmcs0I6RXSB3DHbwQtsPK7neEyJ BbxS0IpiKxY7IZtF2+m+WXmjWQyg7ZIYK0/X96XkYA7W7rcEPjAAAAAAAA",
"  userName" : "username"
"  password" : "password "
"  profileId" : "Class2IndividualEncryption-Oneyear" " subscriberId " : "XXX"
"validFrom": "12:21:2020 122:23:45"
"validity": "365:24:60:60"
 
"applicationId": "321321321"
}
//parameter :- signature //
“CN=test~SERIALNUMBER=AVAPG4201A~E=test@emudhra.com~O=emudhra~S=KA~C=IN~PostalCod e=560103~KeyAlogirthmAndSize=RSA-2048~Password=1234”

Parameter

Presence

Data Type

Description

requestData

M

String

All the request input parameters mentioned above should be converted to JSON object and encrypted with AES 256 key shared with you by emCA team.

Pass Encrypted JSON Object.

userName

M

String

You need to pass username that is registered with emCA for API process.

Header Details

Key

Presence

Value

Description

Application / JSON

M

Content-Type

Type of request should be in JSON Format.

Authentication Key

M

emKey

emKey is an encoded key (Refer section 4 for generating Authentication Key using command prompt).

Sample Request Data

Header:



Request Body:
 

Content-Type : application/json
emKey	: 47b54594063957de22fce0aeddd51a6adf4a80aa


{
 
"requestData":"E7utLpuJ0Xy9WK0IdHXjLjmtb7yr1DBCgoevpUPvVK4+3//WS1SPpdyszTZzDZrDUr 4YpE7TefGO0ZJNouHck6+kQ6oQGmvGLzv5qxzCmnOa5lEAOcuNTG05pwKLNdaVpxPlzHnSUooOeVTw9OV K9RdXE6vqxMF139tc3G3Rr8YwZt2NnrZXgqZi9BpDCIJl3+TJ8tXsE9Nq8nJuQSzobfJKlBhdu8Dz23GX CpPfoZ6JAnoFua6dP5AbnpZaoOjP6AlojQC98+rztAYfgul7CoFa3i/gHYC5RrFUYiNC5iVgFZYBu9Qkq dBpThAcQUFbnYaOBI9Uk/7lXJ6Rj32WM4xuscy3Df08C+G5FeTDS7sWm+Lma4JboX4uAUJpiwok05bz3I S3IhIRBEvfpAeECrfjRSRXK9UeIxSTcB+LnJSecdEBO3WDD2ydebM30V/vwKdgYozqbYIVoB7gcGhT7x2 GQQYFuIwZauR2CZSZ4HYAfUAqhsTwQsy+mL/EF9TS2i/cQttHgCnyrJS6MGaiSaOJrY07FbabZVKcqv80 PwTuiz0IwfNRqKsmA1Snb3CHtwQVk+hdMDVRZMpbVQaPvu/FfsK1hCCsNqcbBPQf36L2WlnEBqduoxVau u9D9tMxA04VIYlNP2XR7WEajHBrLtc4A9xBmSyfctpOBLcD3NZ7jz0n1yRP2a8HQQRIyxyGcLU+knUJAO booQn0/Y0bDyMM67Yrw+XCv3UhArFT2U81cFj0ImczJ45UALt7kHOPVpVW6nrocQvGAm/egybFfEMWCmY H1m4C7QFyI+U7Kv+mz8mq16oPt9H6zolzsABy7asJPNbXLEGRrrhl0e472AxZ5+jrYN/47lv9R9hVkXcF
/9PopwUWBvo8iAIfKpMQs4992ZEOMkyFRhh14xRKmL/Y4I+2OXtYSaFaYqnD9whtMv/F8bG0rcmd/7GS5 pYuG778rlM1a56/ImAirrUg87dMLI+wdUKhfx3OjX7Rh330KJJruheQ48F3SmzSi+aUZUYAGu+42dYfF7 d10j2BUjUPlH8DDOL61vHARgHRvsxr78Z7qsbNSc11wVsWubbufqmkZwxXN1GUMczdPfimnjeBpc/yXa/ r6og6kJ2WxGyiFDijJuEZz8hLRzu4Vg3ztSoIEByhqYXTMva9Sx07XpqRwX6mzTIGwHkkdhBaODaIT9xA FNLixqVZpV4XpYY/mVfNfKEnKvB7P2A47d7EupdrcFG2z9QZLCzdp9VDICkGwxqZELnS7Z38Tdy/EAVDU YQUYFlF8KO7ypNmO/injsCXsvsuPuFfqI0ZDaXwt1h8PckKqI9UtWhqeFpDo3lbt8ppCEx/NmmEbViMFt bvIT+DXmxnN/4ufwvcEjLwg5e6/ty9FK7ZZREGyMqL/tjx+h8EO58JakdynxE5sbZZaiTaTjrS9qBND2/ Qvfg5wYtqfsFqloZNY/nC2SNp8dkYX7PQLh+cO5NQPE7D50TVDAIh2L8VT81ulBuM2YIbq1oGRgkvotE0 zPD951sIdRh2ryQp/eUmi3v1caclsVTd8zRPMiaSIUzRBbuPOc7XP3jCoyFSeKlSY82GI9b47OEab7hvq zVKE6IoavcOXPBUZSHP0Wxt8PTyZi+xYthm8zFkRyUbK/JD6r178okCJitYGk8RwdwWAFF25lg2QO/RHY rweyZ9vLdBBK6RtURb8hjajhQqcqdr1m1maakl/u4CF+FLyj/lr+0boY4zFLI51Pxoyr31JBif4qplyLy
XsmUJkGSVOVOd2eQumyxWcwAAmQ/4BPv3A+uLqXBrIU5Ia7W3VvOQLkgBgRocBDcEWjMxLzxX+kvT+Jxm 4PJA36m9q/x2P/9geYilmyAchDon0RI4pG17Da5wYRgEY0lHNS1A6TDYv7P3Ns95g5OyInmKG8n9TFUYo
+8LBBLabgaen/NuLp7ucsa6eZj7PPScgzR6XizbIkkmLtWVqeMqS/KbzjDpih7Dr8IVJL0S+ByTybfgjh plqUMSNaR3Lh129Lm+KNenjOcZTuesSyVM5LzO38poQKXfM4PqEskq+ww9C27w9jsyph0uZHi6lRlPo5g UZ7t37y7d8uzk+xfi7I1uXee0vpMGz123mv/yORokVJuKxVrlLNJa6jXjlr0mc8MbCb5muu8aNZszjMrM g0RR8TQsUKqeory8fPJOVlUBtrkIKVhcd1/rALs4aFXildpSIlB37KoKyDBTML5g+fMWqi9d8S2x2lfnU mmVPGGf8vOomFv1V13Fs7eC1W5KOcMYXWCUcSP1c0MPhHUFi8bd0gw3nD5912bszn+KtRFJVfkMTC0ri0 gpNsarfuoAEBT8QnL9MgoYv+vu2Sn0S0MJydkVvpYKozNp3qYXifJhsOXGhpo1F362dng4pISSyZkek78 w0xoEcjhnd60iAjSkfmT6tWEa31katW+alR7+vdYNkpgabUVc5Xb5d4gTdjUde4/ulOJrOris+5RWDCJc GduIYvxNZ2VpPz4+1fRVLRFlG5ond/BJvh7ZTx+/DpXR0kFM9+CCkhxivAf17k51WnDqG0Jh/DkVVWQ8O P5UJYb+LCATqfT2e6+SowULynCuUoPZhJOws5sXLXREXw5GW77R+Epeg6NVwgB1iP9q4PWAnK2xZu/sr0 ejIocyIXO4JKQRnrDb9hXsC+5ePPx8Tugt/rv+dTYWR/tMDPlL4Xn/Tfjf3J7rDhlMr8MFsLpeZT2Y+qX 1829NsDCS+xQXoMOE8UwpAbqCBTIOndLdpPueS84Nr8KdytUxIr6PgxPvqXIz9cSyzQkZdEcJHOymdvYz zqnuj7o8y1uq5lqE03KJI0mUs6GOZThlcV1G0m9cL0oboRTFcNF4IW4dvzSwlZFfle38/xL2HwbfGGFbt dbvqMKaiknjR0CHgGPZeTcJIDlnJC7muRo05gzBjJgKskZ8MZXqv3q7XCxLVmP25ihgyUftuXHt73+FXG WomWfdXuk1dwqrxrOUa8rYlFlJXrTZZTSD7mvpKlRye5nlszGYR1O/ONq4JTR3hVAnvpXxqBvF/t5mJ57 pcJk8MJJyXdscXMCTCIQ7UWa+xcAplw1J0h2a1l30/uSvGGnj8eIVGsvjtvY8XB5yOTCRg9ulHsspmqVP RtOBB5G4d41QrylezL1ocowQQKZZ+bE6G5ZLibI8FmwKiH8rlCojmNeJywTLPTBCGyaFAPnOe6H+Nx5ML 0RGlvRnIThD/NZ1wEp0ZoxmsDXeVxu1dtXc3OlRvIk8tXA4hjIdo1wdc+ZaUuIyNuFcUJPWxb9270Kem1 0=",
"userName":"username"
}

Process

  • When request is received by the emCA service, we will decrypt the request JSON Object with the same AES key that is shared to the client.

  • After successful decryption, request JSON object (Subject DN details, Key algorithm & Size, PFX password) + Username + Password+ Profile ID+ Application ID + Valid From + Validity + Subscriber ID) is retrieved.

  • First emCA service will validate username and password and check if the IP Address used for request and registered with the user are same.

  • If request is registered with the same user, then we check if the certificate is already created for requested applicationId or not.

  1. If certificate is already created for applicationId then return existing certificate.

  2. If certificate is not created for applicationId then we create certificate using next step.

  • If it is same then (signature data) is validated by checking whether user info i.e. (Subject DN details, key algorithm & size, pfx password) is signed by the same pfx which is registered for the specific user.

  • If validation fails at any point in processing the request, the emCA service will throw error/failure message.

Response Parameters

Parameter

Data Type

Description

response

String

Returns JSON Object

JSON Object Contains below parameters

Parameter

Data Type

Description

status

String

Returns Status of the request as success if pfx(PKCS#12) is generated using selected certificate profile.

Returns status of the request as failure when authentication fails or unregistered user tries to call the API

result

String

Returns

In case of success: Base 64 encoded PFX data

In case of failure: error message will be displayed.

subscriberId

String

Returns Subscriber Id

requestid

String

Return request ID when user is manually authorized and request accepted successfully, otherwise it will return null.

Response JSON Format

Sample:
Success:
Response Body(Is Manual Authorization Enabled is “not“ checked from emCA)
{
"status":"success",
"result":" base 64 encoded PFX	data"
“subscriberId”:”XXX” "requestId": null 
}


Response Body (Is Manual Authorization Enabled is checked from emCA )
{
"status": "Success",
"result": " your request proceded sucssusfully", "subscriberId": "XXXX",
"requestId": “XXXX” 
}
Failure:
{
"status":"failure", "result":"<Error message>" “subscriberId”:null "requestId": null
}

Sample Base64 encoded PFX data

“JWZQMXsyd+xw86c/wcRDroFl6YREBJC1mcJCf6xVl1RHlNCDhqLqjpDRLsFEySJxrraAz0zAGAx3IhWcD Br2k+SWpGUdlogJyGP+3q3kZZaxJvnydoOArCxiDyD0km62LuUVjo1Ni1a01GrwH+KigqCb0RGJ6OAnk0d stZ+8pGymS5aKOCeLXHR/uC/JgT/8NlthI7PEmrFy1MzM+VtFJ2oooD2gn6IQa9pNkvDwyyojGgM0gD2/N IWy315rEU1pKx/OTQ+bui/hIdm/jQ6T8gch4nJLgdaPVznWHpJWEvbhVP3yiqXzfBw9Uyq/pjGyQHJrBvi wd0Dn7dJTNkbUe35aenUKeX2r7EyiJ+KOq9jhyfbzc2NvCjCHaTqYMUVzuf7Dhldhl9Vi+EC50b/BPrxpR OasumI4bgycVCr+SitO1XRfKjIXsacimnBEATIbZ3OxTnD3wb3PXzHWr8MP8QIdqReiJcgLdShcq5HnImu BeF8ahnt9WGoSfIh7NVnVb4nvyB1nUe5+XVf626AFYM2dx+8+8bcn3OtsN//nN8+N7LnnXwhzu9CDZNnIj lTKDSko1Cz6ZDAQmE+R1KIh3/pojU3RQOpyuHgA5BmGNcY6PYXz6sIfDYOWNid7j2NrJHeBdvw2HXyl9SR JFug2y1HaNjUOSFaX2r2leKm14wqBHIyraaArFvne5ZHCKaL1N74ZowrjKth7hM6afAhMCK7X1mMTNQGnzzCQV+dbmC47bss35kG9zCe9nr9AiG2N7CFnOWgwypdUxGIjYKGBrmpyPG3S9G+7079gjjP0Vck5S5Erkkb Oxbct3QxGeYO/LhMdCjKIWMX72Hce1ccwtMYelli2AW0MtrRoLQ6mJ34wV6fZ+Mti/tMn/8CPlC6wDbKkj YK9TJMEaLA4CLJpCb91euptmVTM09C6cj3B6jHEOTG5sbSMIeg7WJehva6DB3d666GaLi1jxXESUH/NTUr hy9FGiWt/cb+IMWSwRyKdKpW/gJegpK+IKBXblJRC2xJi+SRVQfrXiMABI18PSVotLcSj3W+Vrutb1TSII 83CioPjMrOGMcCkAg5oXat7Rk6Wfiy7OXoMGEdffKcrXTfbjj0d/rVHUuhRyalivROZ7L0bXwioUHZF0Ru h2eZ+OSnmpSot9dXkQdG6HrZdQSpw2tKoQXpS+y5i2MAzoztZUkGSuxxMPv8uMZ5jm09dbmM2HnGNY+DCa TQAO0YMq29fsy+sUGTl27GHQhosGiZeaGcXMBzZ4Pej2WuXo/hpHPrjiTZDzyxvus3iMXNgxyViH6Vaeu1 pVTWP7bBG+aJHVlHtlQdzobyKyTA+69HoM+BFKezUFcarg3zsl52fWCyXGkf3tIEGHfrpxWUuDhpu+Gm/1 aqhTNxfjAh8YwCCdJKw6PxS5W76emla3e17wrj4abyIOHh1kM+8EnS7POKHWuKleHDX26vfms1b/yeDCxg dj02f4G/HlDDhtBawj0MlMIgH2dCuhK2EZyrFXre9tqUoPrU8mSc/24D+xZk2AlgZVTfImi8gbY4pG0jTB DzTPsw3f1EukpAj8ApiI+ouju3GSgAEYklybjLLi76lNXekxrN1btIzPIhjcBtvF472Pgcn2X8wCS1PQ/n IMOxXoUQzgTLH2vt8TUL/ODpGxK95GkufqSlecAvfVCrFV3OV3+1To+PDhhoiU9x51ML/THpxvuARjiDpJ x/lCqYj40c8yR8tDGk9PhSu5+E542vaMCGUuhhzOJeIgLa80GQ3+5hzGbtxY07blgUwn5t3MEv7H9gPS0p SJnpZIyFrMmegNR7ZJYagQvmMVmI40bX+rImR3g8jMeUGdobHo3Dl2YELq13VmSOFqBbrS7hptM9Nu0DWt 6S1j9XIO750Sg1fC81dOJHeg7s1YRg4Lkb1UK+k7BPbzPy2uSdrTkGS/epKz2saf5OymlLRCO9VcZe/rs0 c3TXTYT6B3yJTq73C1ibC24t7nPPVZ8qn+qkbboyCtEAmLBdmxqKmfel6fjHv9rvWE+Vc0dJiCoEhGQRFQ U0IlVfNIbP4nl8z8ceXgZwD36pnOHEEsIfX9jdfA77KpVYWhOQKAoAg6yIu3rO+4h6dEzrexIc00The3af vfPL3aU2n4Kgov90NPrIzQwk3ZVxpQTTsVJJY5LiJfI3Dj0/GCDWgBv/NvDau/K8LIPRa2ZREDlns5Fjzf 6QM8KbCNAzBh9xyOVfw4gKy1Px0Lf9MllrGDE35mM71R7jJOr8SUv0YBZvSDN6571kLcYmAEC3f6VD/Vpb o+PyoKma7ONpTomy7rEn2w3ZWgcMOrhF1ssTai90eBw6VlNI8rV9KuBEnb/AfNJqRSUH2eW49Byxoi3ciR ztKVBEyYn3mX3kXDqBS3GjcbuNS+UyIps4H43YhRZ1gI5DSskI8h44s+yReDKBaamEmRiUQZ7f7pbZMTjQ u6pY9yqdsfCuzmEEuRsbgYKs+sJEQl27zCEfEWDENsbEZ6F0jTlUjwDtEhoFozBJAhPsUrg3saTTE6dWpW frg+4Aug6pwf6A6C4kX6oAbsb2jUG6y0XXzd4ahEp9d7IBgGmSJ5aG4/bARKS7CXeKk5Il0J6T4LmylmFn PRjG0e4hQH/j+SkRKrXUw8b/+Zn2TmdI3PIFXEYN7DQEKLhaZt4sHXH5aCw3ic6QbbIOMUX9QbCp1sSmse M8QXCzzBTZd9JHGlsMhLLk6nOi9mHkCQTCbeDe+rG0ZbEO2m26ZUn2uyACoflAYGdlhh7FhNglL4/2pSmL UeXVxEncMQ6lEMvePUjtvSbneBMLyvEjow4naFMU1cBP0ashnL5TTnnz7cHvRuNtVI6e7k33qyvEVqz62/ E3nrHNCzVjpwDZtkY6qwXo6To0ifJ/l8n1jhU9WJsqFk1+mevGtds8ie6iSXTG5Cpf0mD7DjqI+E2Y6GcL t6ENmHRl/5T3iUE3hQvMOBtRyAGsLkcoQ6AEx9ovcdliUHsfVQFhPEHjCaJIG5YknFQ2DP5aF8l3bYNlJw DA1I4W/BH8OM8p5hCGjEMTeR+6nrJ/RFqQVRDtu/S9MZ6GnLtb6q5EJWdufdFYPbNyAtgJ6AnKF0mN4/G5 VmcNXMRpxMz979efDMpi7BIu5PC5ngQP0MvyGcDyyxGzeq7h/ntzeaFf53phI0E1eW9YyQgpterc5ClV6J YuZHC3XXvmFZ/zehQ2+dV7N398c2LRl7mBShlx9oKx3KHpzKd++xpiSNAJgipchQUcb9RP0SxvViWgjkMe md4q0yQiCmm2ATr+DNqv3/Rm4grwX13hMvfsGtJIvbJvegxRrrXIrRB9cs2XsbF6dI7ocIRZEUMsU570WL DRmeqZTu9Blw0PGcxEjZas9abGScFEQRESGla3fZvqIq3nFI6gBYt8iy5wiD8aikRc1H8Zko7/SIWNpyGG Twoe2Qcl+WovGlhKstNZGdjruEb8s7/RNwlH1P2xLupFVl9yStRKoNfro2OO0/0PaJkplzvylBoucBnt5Z
/gfNTmi1UJDWavGrSB3KFTLobe9frHNG3vyJvk/g1G/nRSdt2NlKE5C8Mz0KutvN6CelIzJjU85+uRg2AL PHsL62StCsH8LIBqmwNQsKt7WbY5HayTYqgDczKUSbFLbYYrIsZQG9808ch2JmsIq4sKxlkcwpiRuRrQYo sY4Ozquyc7VfAHj1twkqv9L2Pj9Ldu4lLkvY5Xq4/AHjnqq+Yog/Qx/OJ4+fePIrgRL9dAbtJ2McyO0geu rp2kdLFY7fIj1VLa/4Y/wVXc06Sl4WO29QTwVLEgPskyipSab7omwlEVLsfUbOjPA09OQihp5BK1XTUWX2 iT5WhTkUnlMZ738/PyGqJ2HJIpEVruVPMoKXvbKqoqvHCDXRwZRBHorNZvjuASwEHyItxf9whDsbb9g1pt mW2sDEub9p2/FyRmRDR0U7SSgMaF8xJ4IR5PTAl3Ti3ShCR55WU1s7GA+xP55AOldDNWAGygLtAM3Y+0NM
/u8q2UzQ9RKUi8GYZdL4m/6kwrkZ00+SJu9voRIKVpukKFSuTlpCVWcEMBWdTXajV4JXxeq2Lc2vb58yYg ZIh8oSZ1RDmFu97yv7fXpilMIBC5Tn3Mwu7XLodepUn7X1HFwzeAHNPK7AzrgaqVX6Fx0BLS1qP9U6joAh LobKKBa/3D8jY/fEUegvYoq2cYTYVmzS5uzSzvcVsll0SNVkc0sATVhaIlO6wj5pekBkJmDlZejmAygUqR o4Z8B57NYOhO70kn72WY152maZRyrNGTzwI9DFuxDj04l4vI5GGIZi3y0EtKccSQo/QknBqDmbpL3aDjwq
+fxtDf+7MlwO2wqtyUuqQPYP+QzBRKB3sOtN33e8VE1wfLEXK2SecGELPhZna0BRd+umrSazi1/8obG8/k 0zMHAB8URg+YQ1HW/ZTiT6o1qHcpsXfLUM45BbvpndqJWIDk3AO+r4t2+DiXX3lQ+OM3fYG90+xkvDCZcc Q2fIu8lsRFqwv5LaILED+61AX+kBNqTNlt0s8O2bcUxSLihQjK4EwmXrcBdMm6hGwyO+oszkiayuW0nqj4 2+THwwsGMU9SK0XbqAka3S3+F4sMarGPTESfkg21mQnOrFQU9HXZyflRpCUie4hZ2eUVS1HH9xfgz3MsZP zMLxxdnSv+pMjUkHuefyR+yCcL6GwhNyOnhNI/NTjt+CtO7S3YU/LbhzNEyhCC3B3Yytx7GZK3pWcAPTWW dC/bdAtWp05UfQiVOQPRd1fVPMhtP3AVr8geRlPFYhz4bG4XN4NWeLx+RVF3766yuu9TbvnXFQUpCokKUQ KsbOh9SwPWpPgNC47FzPYHu+LfpBPm6SozQdvAew67u/pqfLkgjBZN9rD2KziZxs121JVWaNaME30K7G58 y6+ekriqUW71YOgLJfCOrracSvaEHjqYqtWieVND/W7kHqAc5Qyp3oL7Ek+HhSTbe2HEfyvik2U75PouoM 9Y7Gc998GdT3g==~rO0ABXNyAC1qYXZhLnNlY3VyaXR5LmNlcnQuQ2VydGlmaWNhdGUkQ2VydGlmaWNhdG VSZXCJJ2qdya48DAIAAlsABGRhdGF0AAJbQkwABHR5cGV0ABJMamF2YS9sYW5nL1N0cmluZzt4cHVyAAJb QqzzF/gGCFTgAgAAeHAAAAMRMIIDDTCCAfWgAwIBAgIQUK9WdhO1bnNZwJ8zqdGAcDANBgkqhkiG9w0BAQ sFADAZMRcwFQYDVQQDEw5DQSBDZXJ0aWZpY2F0ZTAeFw0xOTEwMTcxNDQ3MTFaFw0xOTExMTYxNDQ3MTFaMBAxDjAMBgNVBAMTBXVzZXIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAueG24AyfCiBLAQ
NV9qlRTR1VWooQB/keniBhj0nEtZoOSLVQicFVCi68T4wkh+7rrYic3DxMeA22ljgP5ppOhtRZuzVU5g19 e1fqf/j2ayGPoIjcnneh3gggcgbF+kEOyMI/9IoPdyf0T6SQwtFa6OlsOUYiStTp2vU4kfBjqPmQSANWb3 DwHCM1UM3cYYz3b/RZUlXZcndK+s7QmZsnaXydUVJTGJjRMMLI2XHh0KBrSo68hoH89ip+ZFPSC6S2tCloVe2ynzxECNW91xnf06fc4p7QchYcMpcz9ROOlbFEt8/wUHj/L7amQ7ldllh5qnJpwu8ohN/n7hpN8FHeOQ IDAQABo1owWDAJBgNVHRMEAjAAMAsGA1UdDwQEAwIGwDAfBgNVHSMEGDAWgBScvNwtCTNtzFQb7GQ6V5QB
oPNtzzAdBgNVHQ4EFgQUcsefCGytf2JgPCIh/OvZuXbkMkcwDQYJKoZIhvcNAQELBQADggEBAJ4JyQ3UxJ gVnX50ozkoMZuYYchfWCQBtupIrXfLdkR4kceLTpysBZlO1h2ZIhkU+Omq11gCN675WQAb1gIkzZFNe2g8 qgii5j6N/xT9IXNUXlKryBjAHWMe1UiXa8NXTJm4KeAU71ju+2gH0OfM6ndPcXOn0e6QkRD2up5qrGBT6q 77HDlOxRu8Pcwi3tBX6UXZgypuI3Jut5QhFUCk0hv12Rp+KHdNI9kCQoXqyzyN1K5MeeTB3ZuACTOnVN80 l3NlH01yIOb5X+7DcBN6O33/5FkKCq3IU6y1YvooKu6DnicocuvyozKzk/XThS5aPBfT1fRaWTtpx+kLPA EPBdR0AAVYLjUwOQ==”

Error Messages

Error Message

Description

Profile does not exist

If the given certificate profile Id is invalid

Signature verification failed

If signature parameter (user info) contains invalid user details (Subject DN details, key algorithm & size, pfx password) signed by pfx which is shared by eMudhra.

Invalid validity

validity should be in proper format dd:hh:mm:ss e.g: 120:23:45:54

Invalid From Date

Invalid Input: From Date should be in proper format dd:MM:YYYY hh:mm:ss e.g: 12:12:2019 00:00:00

http://www.example.com/emCAServices/rest/createPKCS12ById