API Method -getCertificate
Last updated
Last updated
Use the “getCertificate” method for retrieving the x509 certificate created with your account based on the serial number passed.
POST
http://www.example.com/emCAServices/rest/getCertificate
When request is received by emCA service, we will decrypt the request JSON Object with same AES key that is shared to the client.
After successful decryption, request JSON object (Signed serial number + Username + Password) is retrieved.
First the emCA service will validate username and password and check the IP Address used for request and registered with the user are same.
If it is same then signed data (signature) is validated by checking whether serial number is signed by pfx which is registered for the specific user.
If validation fails at any point in processing the request, the emCA service will throw error /failure message.
JSON Object Contains below parameters
Response JSON Format
Parameter
Presence
Data Type
Description
signature
M
String
Certificate serial number has to be signed with PFX shared by us.
Pass Signed certificate serial number i.e., PKCS#7 data.
userName
M
String
You need to pass username that is registered with emCA for API process.
password
M
String
You need to pass the password that is registered with emCA for API process.
Parameter
Presence
Data Type
Description
requestData
M
String
All the request input parameters mentioned above should be converted to JSON object and encrypted with AES 256 key shared with you by the emCA team.
Pass Encrypted JSON Object.
userName
M
String
You need to pass username that is registered with emCA for API process.
Key
Presence
Value
Description
Application / JSON
M
Content-Type
Type of request should be in JSON Format.
Authentication Key
M
emKey
emKey is an encoded key (Refer section 4 for generating Authentication Key using command prompt).
Parameter
Data Type
Description
response
String
Returns JSON Object
Parameter
Data Type
Description
status
String
Returns Status of the request as success, if x509 certificate is available with respect to your account and serial number passed.
Returns status of the request as failure when authentication fails or unregistered user tries to call the API
result
String
Returns
In case of success: base 64 encoded x509 certificate data
In case of failure: error message will be displayed.
subscriberId
String
Returns Subscriber Id
requestId
String
Return Request ID null.
Error Message
Description
invalid input ~ Signature does not contain valid data
If signature parameter (CSR) contains invalid data (Subject DN details, key algorithm & size, pfx password)
Signature verification failed
If signature parameter (certificate serial number) contains invalid certificate serial number.
Insufficient data
If data to create PFX does not contain required details of selected certificate profile
No Data Found For <serial number>
If no certificate is available for requested certificate serial number