API Method-getCertificateByRequestID

Purpose

Use the “getCertificateByRequestID” method to request for the certificate/pfx/P7B/rekey after the officer manually authorizes the Certificate

Type of Method

POST

Request URL

http://www.example.com/emCAServices/rest/getCertificateByRequestID

Request Input Parameters

Parameter

Presence

Data Type

Description

userName

M

String

You need to pass username that is registered with emCA for API process.

password

M

String

You need to pass the password that is registered with emCA for API process.

signature

M

String

Pass the signed data in section 5 i.e., PKCS#7 data (it should be request id)

Signed RequestID

Sample JSON Object

Header: 
			Content-Type : application/json

	Request Body:
	
		{
			"requestData" : "Q/5rvKIZvoMfuZQnysxcGawX4wC1xRttkCHEExreOwUCltgPG0FmsAbEmNHgHvdM2A7Vadyks2IDACydZDRG9rS/uq93IO3KMAyazof7IJXz31c3LiXorwiRksUFOrH2IqYbqI1q88Sf3rnxoTdq8oaOzYB2LoNPh8dZihJyDIR33BccF1Dg/sS/UAwxJ3fjbPzRJpFcqhi2FX1IS8TxyW2PZtPyLtSddyDFxliryGv8RMmVem6NdJYeNHcYo82qHtszdepvIWCi/DLCqs1alR9TcOsKQ8skBTUQY5xfiuONm68zytXBlF+MIAB40Wsw/12zywoCe2z14wqA/mvzF6Jd/Cw3059NfW8FtmBS502ty4l+kSDallVUCSFP9b9Drsh4q/giwT+zHa/SQ3LWCFkjDLaB/OMzMaZfAFwm27/mDB4mSWVMPzMo8CDBvNNNekeV6lSeKSJ7rEbR2JJYIeLzQFp++Dvnp0KZHZu5r+muXAPFCnsDj3MbLrpvbdl3VYKjtDCu0MXi/LX787pStPvr9coMmHTCwja5p7RwI7Ji/nbOnVpT8f2ylx/Rq7vTFRGAqnFmEK5HAkN6Owdf/dKaKUtifXzJqgjYft0NS7uoXbEJWbb4I86AqLhsPbqqN2zlOXZIaYLvkoleo//gAcevv6ZS3jk5rkhueR44ablyv5nhgQ25Fhg5cqu4hxUBOi1MRXk5RpA6RZkaz+DPGSsJJ4+yKzTEnxhUZvnqzeFEf1cvIU3Fx9PLmvrQ50cE28AdNu749WOUyjq/eZCFC1rmY6KyThU4ng49S+iqCrUiIIF+McgjbuVPRvy0M9eYi9HpVOduV7XEI2zrRLpID0ueVwo/j6XePsofLvk/5J/xT9S8Ge6wgVNQzkO47eLi2VEPf5OXRopBaSLFZ1SPIgBVumlSnPgLfdNVOirJjhqMyADZrXgoAw3c+YTqRhsRDAhtPKx90Qtw643eLEi/1ujz9ZxB6yzTvFYnh05eaM+N08QVlEJcS+z84vqnY6/+8746T6Ct/tDrLdFCNVvveSEPVCujbE6LI6pzAnNuHWZoFYoDjANRTDuS8m3LY3mcC24cTJnNTt7a/hF6IsUj0ygfVctkpATXvW9p1m4p6BpYmXFSP6w0nMvKnHd+Uy2R3qykk/1R6YoZbaG9dM3LrAqqAILkYNucL32xZCbSSKX6HIQtZ0WMAfTubYXLsDnAZCLeph1P+fjnkbgrpizkQg==",		
		}

Parameter

Presence

Data Type

Description

requestData

M

String

All the request input parameters mentioned above should be converted to JSON object and encrypted with AES 256 key shared with you by the emCA team.

Pass Encrypted JSON Object.

userName

M

String

You need to pass username that is registered with emCA for API process.

Header Details

Key

Presence

Value

Description

Application / JSON

M

Content-Type

Type of request should be in JSON Format.

Authentication Key

M

emKey

emKey is an encoded key (Refer section 4 for generating Authentication Key using command prompt).

Sample Request data

requestData	
		{
			"signature" : "MIAGCSqGSIb3DQEHAqCAMIACAQExDzANBglghkgBZQMEAgEFADCABgkqhkiG9w0BBwGggCSABAVwYXdhbgAAAAAAAKCAMIIDpjCCAo6gAwIBAgIDTEtBMA0GCSqGSIb3DQEBCwUAMHQxJTAjBgNVBAMMHENlcnRpZmljYXRlTWFuYWdlciBSb290IDIwMTYxGDAWBgNVBAoMD2VNdWRocmEgTGltaXRlZDEQMA4GA1UECwwHZW11ZGhyYTESMBAGA1UECAwJQmFuZ2Fsb3JlMQswCQYDVQQGEwJJTjAeFw0xODAxMDMxMjIzNDBaFw0yMDAxMDMxMjIzNDBaMCgxFzAVBgNVBA8MDkF1dGhlbnRpY2F0aW9uMQ0wCwYDVQQDDARyYWNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7KCKiYzr+qMLctENHdC2fKaXyrQAlshfDBaojnByJdDVknlSfeqjNrYn47MJcG+/UpnA/WD1fg5gRvBIILcyhGKGCLuq4T5pMSbo3YlvcZIQWXp8pmhN4qmoNA35mMmP9ikFuDBIhWEj6NbEo0iUPVDSU0Lkx92+8nLROc+jI+h7Ymr0z2N8X3yWXSxSyH6RvF/Hc4uOb163mSJImd3AM50KfLuflShyU+sRPcuYZMNS9Aq48zLVySpAaHxY6xzi3eYyZWptP68i8P/UmPZEBYLlaaKG2r8RXh6E0pfclTI0rt5a9N3bwpaqig5nmFMUGvatzWjvYm/Mi2ETjXW9wIDAQABo4GMMIGJMAwGA1UdEwEB/wQCMAAwIgYDVR0jAQH/BBgwFoAUgrVRaCBCfAEiYlkr6rtaEbNDgsEwIAYDVR0OAQH/BBYEFCKdNzngYMsrwvlBavT8kukvbPrOMA4GA1UdDwEB/wQEAwIEsDAjBgNVHSUEHDAaBggrBgEFBQcDAQYIKwYBBQUHAwIGBFUdJQAwDQYJKoZIhvcNAQELBQADggEBAEA2pvI4g36e55Ym/GrBgWpBpZ4oLRWW79cQE6JQobREB0LNr0alC7p8R9Yibcx3ZWmOQKjNU4AE2SmoPtlDgF9xnkP5suO2aHq8xM5tx6AOZQEVR3Vp0vd2EcDW0rVKb9a9D1qQ2mJqc/PI5jVj2qKfQkW3veQ4f6raBiAUAD12w4Bn3PMHatiwLs/CM0sMkoHbpgvoGwVAHXZF2o1O7LXnAP+jjGy9TWtz9bDcTnNE9qSKZvNRtjLQRoj0Vvzi0iPbG91n8QoTepJtAjOGHoTgCvDjBcNfKW+qB0q/7VCeeKqtiVAMda74N5ETJ/I/vfvHHFb23UHL2nTVTltdWjMAADGCAhEwggINAgEBMHswdDElMCMGA1UEAwwcQ2VydGlmaWNhdGVNYW5hZ2VyIFJvb3QgMjAxNjEYMBYGA1UECgwPZU11ZGhyYSBMaW1pdGVkMRAwDgYDVQQLDAdlbXVkaHJhMRIwEAYDVQQIDAlCYW5nYWxvcmUxCzAJBgNVBAYTAklOAgNMS0EwDQYJYIZIAWUDBAIBBQCgaTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0xODAxMTUwNTQwMDRaMC8GCSqGSIb3DQEJBDEiBCB2iiOOBmfEHJMS2IbdO/GN9IJcbXOw4JbjOsBmpyB8BTANBgkqhkiG9w0BAQEFAASCAQB6vnfd6uF1ePr4bj8JhuJlqzV9ENuNsmG/SxfeUKQpr7zRcQWEn5OAz/ZPOsWhacopfNXI7uA2T+dUwAHTwGR7Ns9oFtEMwk7vpR+cSmnRpQ17ayu7Adfn0t1Qk2/mi50ynwh17dUN1GayvB8WfjdNsk3pSQAa66JdQ+iv8ZhdOTNiuuxe6WOXzroUftrbi4bKzjp80vLMeCaD91u7ZpjAhzc91rMFMoa8vKbW3ALZ2q4lE7RpzlhoG8p8iEX2wuXXkNlEFq4sjXBlq3pSDnniomtx3Zz0ncTP/yl6yus8ygUY/Q1O21M2oqIFX0XJ4rIiQRxwT5j40amwI9EQbpSzAAAAAAAA",
" userName" : "username"
 " password" : "password "
 "requestId": "string"	
"applicationId": "string"
“isSignedData”  : “true/false”
			
}

Process

  • When request is received by the emCA service, we will decrypt the request JSON Object with the same AES key that is shared with the client.

  • After successful decryption, request JSON object (Signed data (request id) + Username + Password) is retrieved.

  • First emCA service will validate username and password and check if the IP Address used for request and registered with the user and are same.

  • If it is same then signed data (signature) is validated by trust verification, CRL verification and expiry.

  • If validation fails at any point in processing the request, the emCA service will throw error/failure message.

Response Parameters

Parameter

Data Type

Description

response

String

Returns JSON Object

JSON Object Contains below parameters

Parameter

Data Type

Description

status

Srting

Returns Status of the request as “Pending” if user has not got the certificate approved from the officer.

Returns Status of the request as “Rejected” if officer has rejected the certificate

Returns Status of the request as “Success” if certificate is approved by the officer and will get the corresponding certificate

Returns status of the request as “failure” when authentication fails or unregistered user tries to call the API

result

String

Returns

In case of Pending: “Request Accepted Successfully but not Processed” message will be displayed.

In case of Rejected: “Reason of the Rejection”

message will be displayed.

In case of success: “Certificate data based on the type of request” message will be displayed.

In case of failure: error message will be displayed

subscriberId

String

Return Subscriber ID.

requestId

String

Return request ID when request accepted successfully otherwise return null.

Response JSON Format

Sample:
{
  "status": "Pending",
  "result": "Request Accepted Successfully but not Processed",
  "subscriberId": ”XXX”
  "requestId": null,
  “aliasname”:null
}    

{
  "status": "Rejected",
  "result": "Reason of the Rejection",
  "subscriberId": ”XXX”
  "requestId": null,
  “aliasname”:null
}    

{
  "status": "Success",
  "result": "Certificate data based on the type of request",
  "subscriberId": ”XXX”
  "requestId": null,
  “aliasname”:null
}    
  Failure:
{
  "status": "failure",
  "result":"<Error message>"  
  "subscriberId": ”XXX”
  "requestId": null,
  “aliasname”:null
}

Error Messages

Error Message

Description

Invalid Request Id

If invalid request id given by user “No data found for request Id” message will be displayed

PreviousAPI Method -rekeyNextAPI Method - createCustomCertificateById

Last updated