LogoLogo
  • emCA Certificate Manager
  • Introduction
    • Summary
    • Key Features
    • Key Components
    • Architecture
    • Use Cases
    • Security
    • Role based Access
    • Licensing
    • How emCA Works ?
  • Release Versions
    • V4.2.6
    • V4.2.5
    • V4.2.4
      • User Manual
        • CA Administrator
          • CA Admin Login
          • Dashboard Page
          • View CA Hierachy
          • Manage User Certificates
            • Search
          • Manage CA Certiifcates
            • Search
          • Manage User & Roles
            • Manage User
            • Create New User
            • View Groups
          • Reports
            • Application Logs
            • CRL Report
            • Certificate Statistics
            • All Certificates
            • Active / Revoked / Suspended / Expired Certificates
          • Application Settings
            • Manage License
            • Manage Authentication Matrix
            • Certificate Features
        • Administrator
          • View Hierachy
          • Manage Profiles
            • Manage Certificate Profiles
              • X509 certificate profile
              • Create CVC CA certificate profile
              • Create EMV Certificate Profile
            • Manage Key Profiles
            • Manage CRL Profiles
          • Manage User Certificates
          • Manage CA Certificates
          • Manage Keystores
          • Manage Users & Roles
          • Reports
          • Application Settings
          • Setup & Registeration
          • External Applications
          • Mail Settings
          • Manage Certificate Features
        • Officer
          • CA Hierarchy
          • Manage User Certificates
          • Manage CA Certificates
          • Manage CRLs
          • Manage EMV Certificate
          • Manage EMV CRLs
          • Manage Keystores
          • Manage OCSP Certificates
          • Recover User keypair
          • Reports
        • Auditor
          • CA Hierarchy
          • Reports
      • emCA_Deployment_Document
    • V4.2.3
      • User Manual
        • CA Administrator
          • CA Admin Login
          • Dashboard Page
          • View CA Hierachy
          • Manage User Certificates
            • Search
          • Manage CA Certiifcates
            • Search
          • Manage User & Roles
            • Manage User
            • Create New User
            • View Groups
          • Reports
            • Application Logs
            • CRL Report
            • Certificate Statistics
            • All Certificates
            • Active / Revoked / Suspended / Expired Certificates
          • Application Settings
            • Manage License
            • Manage Authentication Matrix
            • Certificate Features
        • Administrator
          • View Hierachy
          • Manage Profiles
            • Manage Certificate Profiles
              • X509 certificate profile
              • Create CVC CA certificate profile
              • Create EMV Certificate Profile
            • Manage Key Profiles
            • Manage CRL Profiles
          • Manage User Certificates
          • Manage CA Certificates
          • Manage Keystores
          • Manage Users & Roles
          • Reports
        • Officer
          • CA Hierarchy
          • Manage User Certificates
          • Manage CA Certificates
          • Manage CRLs
          • Manage EMV Certificate
          • Manage EMV CRLs
          • Manage Keystores
          • Manage OCSP Certificates
          • Recover User keypair
          • Reports
        • Auditor
          • CA Hierarchy
          • Reports
        • Operator
          • CA Hierarchy
          • Backup
    • V4.2.2
      • User Manual
        • CA Administrator
          • CA Admin Login
          • Dashboard Page
          • View CA Hierachy
          • Manage User Certificates
            • Search
          • Manage CA Certiifcates
            • Search
          • Manage User & Roles
            • Manage User
            • Create New User
            • View Groups
          • Reports
            • Application Logs
            • CRL Report
            • Certificate Statistics
            • All Certificates
            • Active / Revoked / Suspended / Expired Certificates
          • Application Settings
            • Manage License
            • Manage Authentication Matrix
            • Certificate Features
        • Administrator
          • View Hierachy
          • Manage Profiles
            • Manage Certificate Profiles
              • X509 certificate profile
              • Create CVC CA certificate profile
              • Create EMV Certificate Profile
            • Manage Key Profiles
            • Manage CRL Profiles
          • Manage User Certificates
          • Manage CA Certificates
          • Manage Keystores
          • Manage Users & Roles
          • Reports
        • Officer
          • CA Hierarchy
          • Manage User Certificates
          • Manage CA Certificates
          • Manage CRLs
          • Manage EMV Certificate
          • Manage EMV CRLs
          • Manage Keystores
          • Manage OCSP Certificates
          • Recover User keypair
          • Reports
        • Auditor
          • CA Hierarchy
          • Reports
        • Operator
          • CA Hierarchy
          • Backup
    • V4.2.1
    • V4 .0.17
      • Open API Specifications
        • Prerequisites
        • Process for calling emCA API
        • How to Generate an Authentication Key
        • How to Generate Signed Data (PKCS#7)
        • How to create JSON Object before Encryption
        • How to encrypt JSON object
        • How to generate a request JSON Object
        • API Methods
          • API Method -createCertificate and createCertificateP7B
          • API Method -createPKCS12
          • API Method -getCertificate
          • API Method - revoke
          • API Method - verifySignature
          • API Method - createCertificateById and createcertificateP7BById
          • API Method - createPKCS12ById
          • API Method - reinstate
          • API Method - suspend
          • API Method -rekey
          • API Method-getCertificateByRequestID
          • API Method - createCustomCertificateById
          • API Method - getExpirySoonCertificate
          • API Method - getProfileinfoByProfilename
          • API Method -getCertificateProfileList
          • API Method- createCertificatesByIdWithMultipleCsrData
          • API Method - getPKCS12
          • API Method - createeSignCustomCertificateById
        • ePassport Certificate API Methods
        • emClient.jar
        • SOAP Information
        • ACME Protocol
        • CMP Protocol
        • EST Protocol
        • SCEP Protocal
      • User Manual
        • View CA Hierarchy
          • Delete Certificate and Keypair
          • Search Certificate
          • View Certificate
          • Export Certificate
        • Manage Profiles
          • Key Profiles
            • Edit
            • Key Profile Creation
              • Create HSM Key Profile
              • Create PKCS12 Key Profile
          • Certificate Profiles
            • Certificate Profile Creation
              • Create CA Self Signed Certificate
              • Create User Certificate Profile
              • Create OSCP Certificate Profile
          • CRL Profiles
            • New CRL Profile
        • Manage User Certificate
          • Enroll
            • Generation of Soft Token Certificate
            • Generation of Hard Token Certificate
          • Revoke/Suspend
          • Reinstate
          • Search
          • Sign CSR
          • Manual Authorize Certificates
          • SCT Request
        • Manage CA Certificate
          • Enroll
            • Create Self-Signed CA Certificate
            • Create Sub CA Certificate
            • Create OSCP Certificate
            • Generate Signing CSR
          • Manage CA Certificates
            • Search Certificate
            • Import Certificate
          • Revoke CA Certificate
          • Search
          • Sign CSR
          • Import PKCS12
        • Manage CRLS
          • Create CRL
          • Update CRL
          • Download CRL
          • Scheduler Configuration
        • Manage OSCP Certificates
          • Configure OSCP Certificate
          • OSCP Configuration
        • Recover User Keypair
          • Recover
            • Key Recovery with new Password
            • Key Recovery with old Password
        • Manage Users and Roles
          • Manage User
            • Create New User
            • View all users created
            • View individual user
            • Deactivate user
            • Activate user
            • Renew
            • Delete User
          • View Groups
        • Reports
          • Types of Reports
          • CRL Reports
          • Certificate Stastics
          • All Certificates Reports
          • Active Certificates Report
          • Revoked Certificates Report
          • Suspended Certificates Report
          • Expired Certificates Report
        • Application Logs
        • Backup
          • Manual Backup on Local Server
          • Manual Backup on Remote Server
          • Automatic Backup on Local Server
          • Automatic Backup on Remote Server
        • Backup Restoration
        • Dashboard Features
          • View all Active CA and User Certificates
          • View Revoked CA and User Certificates
          • View all expiring soon CA and User Certificates
          • View all CRL-based Certificates
        • Application Settings
          • Manage License
          • Setup and Registration
          • External Applications Onboarding
        • Manage Key stores
    • V4.0.13
      • User Manual
        • View CA Hierarchy
          • Delete Certificates & Key Pair
          • Search Certificate
          • View Certificate
          • Export Certificate
        • Manage Profiles
          • Key Profile
            • Edit
            • Key Profile Creation
              • Create HSM Key Profile
              • Create PKCS 12 Keyprofile
        • Certificate Profiles
          • Certificate Profile Creation
            • Create CA Self Signed Certificate Profile
            • Create SubCA Certificate Profile
            • Create User CA Certificate
            • Create OCSP Certificate
        • Manage User Certificate
          • Enroll
            • Generation Of Softtoken Certificate
            • Generation Of Hardtoken Certificate
          • Revoke/Suspend
          • Reinstate
          • Search
          • Sign CSR
          • Manual Authorize Certificates
          • SCT Request
        • Manage CA Certificate
          • Enroll
            • Create Selfsigned CA Certificate
            • Create Sub CA Certificate
            • Create OCSP Certificate
            • Generate Signing CSR
          • Manage CA Certificates
            • Search
            • Import Certificate
        • Revoke CA Certificate
        • Search
        • Sign CSR
        • Import PKCS 12
        • Manage CRLs
          • Create CRL
          • Update CRL
          • Download CRL
          • Scheduler Configuration
        • Manage OCSP Certificate
          • Configure OCSP Certificates
          • OCSP Configuration
        • Key Recovery
          • Recover
            • Key Recovery With New Password
            • Key Recovery With Old Password
        • Manage Users & Roles
          • Manage Users
            • Create New User
            • View All Users Created
            • View Individual Users
            • Deactive Users
            • Activate Users
            • Renew
            • Delete
            • Export All users
          • View Groups
        • Reports
          • Features
          • Types Of Reports
            • CRL Reports
            • Certificate Statistics
            • All Certificate Reports
            • Active Certificate Reports
            • Revoked Certificate Reports
            • Suspended Certificate Reports
            • Expired Certificates Reports
        • Application Logs
        • Backup & Restore
          • Backup
            • Manual Backup on Local Server
            • Manual Backup On Remote Server
            • Automatic Backup on Local Server
            • Automatic Backup On Remote Server
          • Backup Restoration
        • Dashboard Features
          • View All Active CA and User Certificates
          • View Revoked CA & User Certificates
          • View All Expiring Soon & User Certificates
          • View All CRL Based Certificates
        • Application Settings
          • Manage emCA Authentication Matrix
          • External Application On-Boarding
        • Manage Keystore
  • Deployment Models
    • Single Instance
    • High Availability Deployment
    • Hybrid Deployment
    • Cloud Deployment
    • List of Prerequisites
      • Installations
        • Token Drivers
        • emCA Websocket
    • emCA Deployment Guide
      • Prerequisites
        • Other Prerequisites
      • emCA
      • emCA API
      • OCSP Core
      • OCSP Responder Web
      • TSA Core
      • TSA Web
      • Scheduler
      • DB Password Encryptor
      • emCA Initial Setup
      • Copy of emCA Initial Setup
Powered by GitBook
On this page
  • Java Code for createCertificate(), createPKCS12(), and createCertificateP7B()
  • NET Code for createCertificate(), createPKCS12(), and createCertificateP7B()
  • Java Code for getcertificate
  • .Net Code for getcertificate
  • Jave Code for revoke
  • .Net Code for revoke
  • Java Code for verifysignature
  • .Net Code for verifysignature
  • Java Code for createCertificateById, createPKCS12ById & createCertificateP7BById
  • .Net Code for createCertificateById, createPKCS12ById & createCertificateP7BById
  • Java Code for Suspend
  • .Net Code for Suspend
  • Java Code for reinstate
  • .Net Code for reinstate
  • Java Code for rekey
  • .Net Code for rekey
  • Java Code for getCertificateByRequestID
  • .Net Code for getCertificateByRequestID
  • Java Code for createCustomCertificateById
  • .Net Code for createCustomCertificateById
  • Java Code for getExpirySoonCertificate
  • .Net Code for getExpirySoonCertificate
  • Java code for getProfileinfoByProfilename
  • .Net Code for getProfileinfoByProfilename
  • Java Code for getCertificateProfileList
  • .Net Code for
  • Java Code for createCertificatesByIdWithMultipleCsrData
  • .Net Code for
  • Multi-CSR Request PDF
  • Java Code for createeSignCustomCertificateById
  • .Net Code for createeSignCustomCertificateById
  • Java Code for getPKCS12
  • .Net Code for getPKCS12
  1. Release Versions
  2. V4 .0.17
  3. Open API Specifications

How to create JSON Object before Encryption

Note:

Create a JSON object before encryption using the following terminology for the presence of each field:

  • M: Mandatory - The field MUST be present.

  • O: Optional - The field MAY be present.

Java Code for createCertificate(), createPKCS12(), and createCertificateP7B()

CreateX509Entity certUtil = new CreateX509Entity(); 
certUtil.setProfileName(profileName); 
certUtil.setUserName(userName); 
certUtil.setPassword(password); 
certUtil.setSignature(signature); 
certUtil.setSubscriberId(subscriberId);
certUtil.setApplicationId(applicationId);

// Converting the class object to Json
ObjectWriter ow = new ObjectMapper().writer().withDefaultPrettyPrinter(); 
String json = ow.writeValueAsString(certUtil);

NET Code for createCertificate(), createPKCS12(), and createCertificateP7B()

string jsonObject = "{
\"signature\":\"" + <signature> + "\"," 
+ "\"userName\":\"" + <User Name> + "\"," 
+ "\"password\":\"" + <Password> "\"," 
+ "\"profileName\":\"" + <Certificate Profile Name> "\"," 
+ "\" subscriberId \":\"" + < subscriberId > + "\"," 
+ "\"applicationId\":\"" + < applicationId> +
"\"}";

userName

M

String

You need to pass username that is registered with emCA for API process

password

M

String

You need to pass the password that is registered with emCA for API process

profileName

M

String

Pass Certificate profile name to be used to create x509Certificate

signature

M

String

Pass the signature (signed data) in section 5 i.e., PKCS#7 data

Note:

To generate the signature (sign data) for createCertificate and createCertificateP7B APIs, pass the CSR.

For createPKCS12 API, generate the signature (sign data) by passing the CSR information in the format below.

“CN=Test123~SERIALNUMBER=04f85bdd24773b66e0bf16b0f59194c78855c7ffcb7c3cf40dce71ba4ff1e91~E=test987@test.com~O=eMudhra~OU=ESS~S=KARNATAKA~C=IN~PostalCode=570004~STREET= Bengaluru~ HOUSEIDENTIFIER=3-88~UID=test877~PSEUDONYM=test098~ PHONE=0123456789~TITLE=Mr~2.5.4.4=kumar~rfc822Name=arjun.kb@emudhra.com~dNSName=www.emudhra.com~dNSName=*.emudhra.com~iPAddress=10.80.106.78~iPAddress=10.80.106.79~registeredID=2.10.100.2.4.5~KeyAlogirthmAndSize=RSA-2048~Password=eMudhra@1”

subscriberId

M

String

Pass the Subscriber ID

applicationId

M

String

Pass application ID (For every transaction request unique application id is required)

Java Code for getcertificate

CertificateDetails certificateDetails = new CertificateDetails(); 
certificateDetails.setUserName(userName); 
certificateDetails.setPassword(password); 
certificateDetails.setSignature(signature);

// Converting the class object to Json
ObjectWriter ow = new ObjectMapper().writer().withDefaultPrettyPrinter(); 
String json = ow.writeValueAsString(certUtil);

.Net Code for getcertificate

string jsonObject = "{
\"signature\":\"" + <signature> + "\"," + 
"\"userName\":\"" + <User Name> +
"\"password\":\"" + <Password> +
"\"}";

userName

M

String

You need to pass username that is registered with emCA for API process

password

M

String

You need to pass the password that is registered with emCA for API process

signature

M

String

Pass the signed data (signature) in section 5 i.e., PKCS#7 data

Signed Certificate Serial Number

Jave Code for revoke

RevocationDetails revocationDetails = new RevocationDetails(); 
revocationDetails.setUserName(userName); 
revocationDetails.setPassword(password); 
revocationDetails.setSignature(signature); 
revocationDetails.setRevokeMode(revokeMode); 
revocationDetails.setRemarks(remarks);

// Converting the class object to Json
ObjectWriter ow = new ObjectMapper().writer().withDefaultPrettyPrinter(); 
String json = ow.writeValueAsString(revocationDetails);

.Net Code for revoke

string jsonObject = "{
\"signature\":\"" + <signature> + 
"\"," + "\"userName\":\"" + <User Name> +
"\","+ "\"password\":\"" + <Password>  +
"\","+ "\" revokeMode \":\"" + < revokeMode > + 
"\"," + "\" remarks \":\"" + < remarks> +
"\"}";

userName

M

String

You need to pass username that is registered with emCA for API process.

password

M

String

You need to pass the password that is registered with emCA for API process.

signature

M

String

Pass the signature (signed data) in section 5 i.e., PKCS#7 data Signed Certificate Serial Number

remarks

M

String

Pass your reason for revocation of certificate

revokeMode

M

Integer

Pass the below values

0 for - Unspecified

1 for - Key Compromise

2 for - CA compromise

3 for - Affiliation

4 for - Superseded

5 for - Cessation of operation

9 for - Privilege withdrawn

10 for - AA Compromise

Java Code for verifysignature

SignatureInput input = new SignatureInput(); 
input.setSignature(signature); 
input.setUserName(userName); 
input.setPassword(password);

// Converting the class object to Json
ObjectWriter ow = new ObjectMapper().writer().withDefaultPrettyPrinter(); 
String json = ow.writeValueAsString(certUtil);

.Net Code for verifysignature

string jsonObject = "{
\"signature\":\"" + <signature> + 
"\"," + "\"userName\":\"" + <User Name> +
 "\"," + "\"password\":\"" + <Password> +
"\"}";

userName

M

String

You need to pass username that is registered with emCA for API process.

password

M

String

You need to pass the password that is registered with emCA for API process.

signature

M

String

Pass the signature (signed data) in section 5 i.e., PKCS#7 data generated based on the TBS.

Java Code for createCertificateById, createPKCS12ById & createCertificateP7BById

CreateX509Entity certUtil = new CreateX509Entity(); 
certUtil.setProfileID(profileID); 
certUtil.setUserName(userName); 
certUtil.setPassword(password); 
certUtil.setSignature(signature); 
certUtil.setSubscriberId(subscriberId); 
certUtil.setValidity(validity); 
certutil.setValidFrom(validFrom); 
certutil.setApplicationId(applicationId);
// Converting the class object to Json
ObjectWriter ow = new ObjectMapper().writer().withDefaultPrettyPrinter(); 
String json = ow.writeValueAsString(certUtil);

.Net Code for createCertificateById, createPKCS12ById & createCertificateP7BById

string jsonObject = "{
\"signature\":\"" + <signature> + "\"," + 
"\"userName\":\"" + <User Name> + "\"," +
"\"password\":\"" + <Password> + "\"," + 
"\"profileID\":\"" + <Certificate Profile Id> + "\"," +
"\"validity\":\"" + <Validity> + "\"," + 
"\"validFrom\":\"" + < validFrom > + "\"," + 
"\"subscriberId \":\"" + <SubscriberId> + "\"," +
"\"applicationId \":\"" + < applicationId> +
"\"}";

useRname

M

String

You need to pass username that is registered with emCA for API process.

password

M

String

You need to pass the password that is registered with emCA for API process.

ProfileID

M

String

Pass Certificate profile name to be used to create x509Certificate.

signature

M

String

Pass the signed data in section 5 i.e., PKCS#7 data

Note:

To generate the signature (sign data) for createCertificateById and createCertificateP7BById APIs, pass the CSR.

For the createPKCS12ById API, generate the signature (sign data) by passing the CSR information in the format below.

“CN=Test123~SERIALNUMBER=04f85bdd24773b66e0bf16b0f59194c78855c7ffcb7c3cf40dce71ba4ff1e91~E=test987@test.com~O=eMudhra~OU=ESS~S=KARNATAKA~C=IN~PostalCode=570004~STREET= Bengaluru~ HOUSEIDENTIFIER=3-88~UID=test877~PSEUDONYM=test098~ PHONE=0123456789~TITLE=Mr~2.5.4.4=kumar~rfc822Name=arjun.kb@emudhra.com~dNSName=www.emudhra.com~dNSName=*.emudhra.com~iPAddress=10.80.106.78~iPAddress=10.80.106.79~registeredID=2.10.100.2.4.5~KeyAlogirthmAndSize=RSA-2048~Password=eMudhra@1”

subscriberId

M

String

Pass the Subscriber ID.

validity

O

String

Pass the validity in the form of (Days : Hours : Minutes : Seconds)

Days – 36135 (maximum days)

Hours - 23 (max hours)

Minutes - 59 (max minutes)

Seconds - 59 (max seconds)

to create certificate with the given validity.

applicationId

M

String

Pass application Id.

validFrom

O

String

Pass the valid from in the form of (dd:MM:yyyy HH:mm:ss)

to create the certificate.

This parameter only applies if the user certificate profile has ‘Support Customized Validity’.

Java Code for Suspend

RevocationDetails revocationDetails = new RevocationDetails();
revocationDetails.setUserName(userName); 
revocationDetails.setPassword(password);
revocationDetails.setSignature(signature); 
revocationDetails.setRevokeMode(revokeMode); 
revocationDetails.setRemarks(remarks);

// Converting the class object to Json
ObjectWriter ow = new ObjectMapper().writer().withDefaultPrettyPrinter(); 
String json = ow.writeValueAsString(revocationDetails);

.Net Code for Suspend

string jsonObject = "{
\"signature\":\"" + <signature> + "\"," + 
"\"userName\":\"" + <User Name> + "\"," +
"\"password\":\"" + <Password> + "\"," +
"\" revokeMode \":\"" + < revokeMode > + "\"," + 
"\" remarks \":\"" + < remarks > "\"," +
"\"}";

userName

M

String

You need to pass username that is registered with emCA for API process.

password

M

String

You need to pass the password that is registered with emCA for API process.

signature

M

String

Pass the signed data in section 5 i.e., PKCS#7 data

Signed Certificate Serial Number

revokeMode

M

Integer

6 for - Certificate hold (Suspension)

remarks

M

String

Pass your reason for revocation of certificate

Java Code for reinstate

ReinstateDetails reinstateDetails = new ReinstateDetails();

reinstateDetails.setSignature(signature); 
reinstateDetails.setUserName(userName); 
reinstateDetails.setPassword(password); 
reinstateDetails.setRemarks(remarks);


// Converting the class object to Json
ObjectWriter ow = new ObjectMapper().writer().withDefaultPrettyPrinter(); 
String json = ow.writeValueAsString(reinstateDetails);

.Net Code for reinstate

string jsonObject = "{
\"signature\":\"" + <signature> + "\"," +
 "\"userName\":\"" + <User Name> + "\"," +
"\"password\":\"" + <Password> + "\"," + 
"\" remarks \":\"" + < remarks > +
"\"}";

userName

M

String

You need to pass username that is registered with emCA for API process.

password

M

String

You need to pass the password that is registered with emCA for API process.

signature

M

String

Pass the signed data in section 5 i.e., PKCS#7 data

Signed Certificate Serial Number

remarks

M

String

Pass your reason to reinstate the certificate

Java Code for rekey

ReIssueCertificate reIssueCert = new ReIssueCertificate(); 
reIssueCert.setSerialNum(serialNum); 
reIssueCert.setSignature(signature); 
reIssueCert.setUserName(userName); 
reIssueCert.setPassword(password); 
reIssueCert.setRemarks(remarks); 
reIssueCert.setValidFrom(validFrom); 
reIssueCert.setApplicationId(applicationId);
// Converting the class object to Json
ObjectWriter ow = new ObjectMapper().writer().withDefaultPrettyPrinter(); 
String json = ow.writeValueAsString(reIssueCert);

.Net Code for rekey

string jsonObject = "{
\"signature\":\"" + <signature> + "\"," +
"\"userName\":\"" + <User Name> + "\"," +
"\"password\":\"" + <Password> + "\"," +
"\" serialNumber\":\"" + < SerialNumber> + "\"," +
"\" remarks \":\"" + < Remarks > + "\"," +
"\" validFrom \":\"" + < validFrom > + "\"," +
"\" applicationId \":\"" + < ApplicationId > +
"\"}";

userName

M

String

You need to pass username that is registered with emCA for API process.

password

M

String

You need to pass the password that is registered with emCA for API process.

signature

M

String

Pass the signed data in section 5 i.e., PKCS#7 data

Signed CSR Data

remarks

M

String

Pass your Reason to rekey the certificate

serialNo

M

String

Certificate Serial number

applicationId

M

String

Pass application ID.

ValidFrom

O

String

Pass the valid from in the form of (dd:MM:yyyy HH:mm:ss)

to create certificate.

This parameter applies if the user certificate profile has ‘Support Customized Validity’.

Java Code for getCertificateByRequestID

CreateCertificate userRequest=new CreateCertificate();
String signdata = getSigndata(requestId.getBytes()); 
userRequest.setPassword(password); 
userRequest.setUserName(userName);
userRequest.setSignature(signature);
// Converting the class object to Json
ObjectWriter ow = new ObjectMapper().writer().withDefaultPrettyPrinter(); 
String json = ow.writeValueAsString(userRequest);

.Net Code for getCertificateByRequestID

string jsonObject = "{
\"signature\":\"" + <signature> + "\"," + 
"\"userName\":\"" + <User Name> + "\"," +
"\"password\":\"" + <Password> +
"\"}";

Java Code for createCustomCertificateById

CreateX509Entity certUtil = new CreateX509Entity(); 
certUtil.setProfileID(profileID); 
certUtil.setUserName(userName); 
certUtil.setPassword(password); 
certUtil.setSignature(signature); 
certUtil.setSubscriberId(subscriberId); 
certUtil.setValidity(validity); 
certutil.setValidFrom(validFrom); 
certutil.setsANValues(sANValues); 
certutil.setSubjectDNOids(subjectDNOids);
certutil.setP7Brequest(Boolean.parseBoolean(certificateTyperequest)); 
certUtil.setApllicationId(applicationId);
// Converting the class object to Json
ObjectWriter ow = new ObjectMapper().writer().withDefaultPrettyPrinter(); 
String json = ow.writeValueAsString(certUtil);

.Net Code for createCustomCertificateById

string jsonObject = "{
\"signature\":\"" + <signature> + "\"," + 
"\"userName\":\"" + <User Name> + "\"," +
"\"password\":\"" + <Password> + "\"," +
"\"profileID\":\"" + <Certificate Profile Id> + "\"," +
"\"validity\":\"" + <Validity> + "\"," + 
"\"validFrom\":\"" + < validFrom > + "\"," + 
"\"isP7Brequest \":\"" + < isP7Brequest > + "\"," + 
"\"subscriberId \":\"" + <SubscriberId> + "\"," +
"\"sANValues \":\"" + <sANValues> + "\"," +
"\"subjectDNOids\":\"" + <subjectDNOids> +
"\" applicationId\":\"" + < applicationId> +
"\"}";

userName

M

String

You need to pass username that is registered with emCA for API process.

password

M

String

You need to pass the password that is registered with emCA for API process.

profileID

M

String

Pass Certificate profile name to be used to create x509Certificate.

signature

M

String

Pass the signed data in section 5 i.e., PKCS#7 data

Signed CSR Data

subscriberId

M

String

Pass the Subscriber ID.

validity

O

String

Pass the validity in the form of (Days : Hours : Minutes : Seconds)

Days – 36135 (maximum days)

Hours - 23 (max hours)

Minutes - 59 (max minutes)

Seconds - 59 (max seconds)

to create certificate with the given validity.

sANValues

M

String

Pass sANValues to be used to createCustomCertificateById

Example:

Note: If sAN values are not available then pass it as empty string.

Java Code for getExpirySoonCertificate

CreateCertificate createX509Entity= new CreateCertificate(); 
createX509Entity.setUserName(userName); 
createX509Entity.setPassword(password); 
createX509Entity.setSignature(signature); 
createX509Entity.setSubscriberId(subscriberId);

.Net Code for getExpirySoonCertificate

string jsonObject = "{
\"signature\":\"" + <signature> + "\"," + 
"\"userName\":\"" + <User Name> + "\"," +
"\"password\":\"" + <Password> + "\"," +
"\"subscriberId \":\"" + <SubscriberId> +
"\"}";

userName

M

String

You need to pass username that is registered with emCA for API process.

password

M

String

You need to pass the password that is registered with emCA for API process.

signature

M

String

Pass the signed data in section 5 i.e., PKCS#7 data

Signed Data will be No. of Days to get the expiry soon certificates.

subscriberId

O

String

Pass the Subscriber ID.

Java code for getProfileinfoByProfilename

CreateCertificate createX509Entity= new CreateCertificate(); 
createX509Entity.setUserName(userName); 
createX509Entity.setPassword(password); 
createX509Entity.setSignature(signature); 

.Net Code for getProfileinfoByProfilename

string jsonObject = "{
\"signature\":\"" + <signature> + "\"," + 
"\"userName\":\"" + <User Name> + "\"," +
"\"password\":\"" + <Password> +
"\"}";

userName

M

String

You need to pass username that is registered with emCA for API process.

password

M

String

You need to pass the password that is registered with emCA for API process.

signature

M

String

Pass the signed data in section 5 i.e., PKCS#7 data

Signed data will be user certificate profile name

Java Code for getCertificateProfileList

CreateCertificate createX509Entity= new CreateCertificate(); 
createX509Entity.setUserName(userName); 
createX509Entity.setPassword(password); 
createX509Entity.setSignature(signature); 

.Net Code for

string jsonObject = "{
\"signature\":\"" + <signature> + "\"," + "\"userName\":\"" + <User Name> +
"\"password\":\"" + <Password> +
}";

userName

M

String

You need to pass username that is registered with emCA for API process.

password

M

String

You need to pass the password that is registered with emCA for API process.

signature

M

String

Pass the signed data in section 5 i.e., PKCS#7 data

Signed Data will be CAName

Java Code for createCertificatesByIdWithMultipleCsrData

CreateX509Entity certUtil = new CreateX509Entity(); 
certUtil.setProfileID(profileID); 
certUtil.setUserName(userName); 
certUtil.setPassword(password); 
certUtil.setSignature(signature); 
certUtil.setSubscriberId(subscriberId); 
certUtil.setValidity(validity); 
certutil.setValidFrom(validFrom); 
certutil.setApplicationId(applicationId);
// Converting the class object to Json
ObjectWriter ow = new ObjectMapper().writer().withDefaultPrettyPrinter(); 
String json = ow.writeValueAsString(certUtil);

.Net Code for

string jsonObject = "{
\"signature\":\"" + <signature> + "\"," +
"\"userName\":\"" + <User Name> + "\"," +
"\"password\":\"" + <Password> + "\"," + 
"\"profileID\":\"" + <Certificate Profile Id> + "\"," +
"\"validity\":\"" + <Validity> + "\"," +
"\"validFrom\":\"" + < validFrom > + "\"," + 
"\"subscriberId \":\"" + <SubscriberId> + "\"," + 
"\"applicationId \":\"" + < applicationId> +
}";

Multi-CSR Request PDF

create a PDF format like below, convert it to a base64 encoded string, and then sign the same string to generate the signature, you can follow these steps:

Here 1001, 1002 etc. is csr request id and other data is csr data for specific request id.

CSRDATA 
{  
"1001": 
"MIIBRDCB6wIBADCBiDEhMB8GCSqGSIb3DQEJARYSYW51cC5rQGVtdWRocmEuY29tMRIwEAYDVQQUEwk1Njc4OTA0MzIxGDAWBgNVBAcTD01hemFyaSBUYWtoYXlpbDEPMA0GA1UEAxMGTmlraGlsMQ0wCwYDVQQIEwRIYWlsMRUwEwYDVQQGEwxTYXVkaSBBcmFiaWEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARJeVEW9b4aUQ9/f0ZskbrTXTzp//YRQW8iGvSirM3FTeW4VwJ3QRS16nbRiBKghhqJIroE8m9bchXmDcwVk2MwoAAwCgYIKoZIzj0EAwIDSAAwRQIgIIwWD0ZImPjLESKurtluxFAKJxHNJFinVIdlrvAKukYCIQC1g/dZWKwQ+mIQ/mgBgkdNQIkrG+A7 CarlFOpjSN3bvA==",  
"1002": 
"MIIBRDCB6wIBADCBiDEhMB8GCSqGSIb3DQEJARYSYW51cC5rQGVtdWRocmEuY29tMRIwEAYDVQQUEwk1Njc4OTA0MzIxGDAWBgNVBAcTD01hemFyaSBUYWtoYXlpbDEPMA0GA1UEAxMGTmlraGlsMQ0wCwYDVQQIEwRIYWlsMRUwEwYDVQQGEwxTYXVkaSBBcmFiaWEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARJeVEW9b4aUQ9/f0ZskbrTXTzp//YRQW8iGvSirM3FTeW4VwJ3QRS16nbRiBKghhqJIroE8m9bchXmDcwVk2MwoAAwCgYIKoZIzj0EAwIDSAAwRQIgIIwWD0ZImPjLESKurtluxFAKJxHNJFinVIdlrvAKukYCIQC1g/dZWKwQ+mIQ/mgBgkdNQIkrG+A7 CarlFOpjSN3bvA==", 
 "1003": 
"MIIBRDCB6wIBADCBiDEhMB8GCSqGSIb3DQEJARYSYW51cC5rQGVtdWRocmEuY29tMRIwEAYDVQQUEwk1Njc4OTA0MzIxGDAWBgNVBAcTD01hemFyaSBUYWtoYXlpbDEPMA0GA1UEAxMGTmlraGlsMQ0wCwYDVQQIEwRIYWlsMRUwEwYDVQQGEwxTYXVkaSBBcmFiaWEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARJeVEW9b4aUQ9/f0ZskbrTXTzp//YRQW8iGvSirM3FTeW4VwJ3QRS16nbRiBKghhqJIroE8m9bchXmDcwVk2MwoAAwCgYIKoZIzj0EAwIDSAAwRQIgIIwWD0ZImPjLESKurtluxFAKJxHNJFinVIdlrvAKukYCIQC1g/dZWKwQ+mIQ/mgBgkdNQIkrG+A7 CarlFOpjSN3bvA==",  
"1004": 
"MIIBRDCB6wIBADCBiDEhMB8GCSqGSIb3DQEJARYSYW51cC5rQGVtdWRocmEuY29tMRIwEAYDVQQUEwk1Njc4OTA0MzIxGDAWBgNVBAcTD01hemFyaSBUYWtoYXlpbDEPMA0GA1UEAxMGTmlraGlsMQ0wCwYDVQQIEwRIYWlsMRUwEwYDVQQGEwxTYXVkaSBBcmFiaWEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARJeVEW9b4aUQ9/f0ZskbrTXTzp//YRQW8iGvSirM3FTeW4VwJ3QRS16nbRiBKghhqJIroE8m9bchXmDcwVk2MwoAAwCgYIKoZIzj0EAwIDSAAwRQIgIIwWD0ZImPjLESKurtluxFAKJxHNJFinVIdlrvAKukYCIQC1g/dZWKwQ+mIQ/mgBgkdNQIkrG+A7 CarlFOpjSN3bvA==",  
"1005": 
"MIIBRDCB6wIBADCBiDEhMB8GCSqGSIb3DQEJARYSYW51cC5rQGVtdWRocmEuY29tMRIwEAYDVQQUEwk1Njc4OTA0MzIxGDAWBgNVBAcTD01hemFyaSBUYWtoYXlpbDEPMA0GA1UEAxMGTmlraGlsMQ0wCwYDVQQIEwRIYWlsMRUwEwYDVQQGEwxTYXVkaSBBcmFiaWEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARJeVEW9b4aUQ9/f0ZskbrTXTzp//YRQW8iGvSirM3FTeW4VwJ3QRS16nbRiBKghhqJIroE8m9bchXmDcwVk2MwoAAwCgYIKoZIzj0EAwIDSAAwRQIgIIwWD0ZImPjLESKurtluxFAKJxHNJFinVIdlrvAKukYCIQC1g/dZWKwQ+mIQ/mgBgkdNQIkrG+A7 CarlFOpjSN3bvA==" 
}

Java Code for createeSignCustomCertificateById

CreateX509Entity certUtil = new CreateX509Entity(); 
certUtil.setProfileID(certId); 
certUtil.setUserName(userName); 
certUtil.setPassword(password); 
certUtil.setSignature(signature); 
certUtil.setSubscriberId(subscriberId); 
certUtil.setValidity(validity); 
certutil.setValidFrom(validFrom); 
certutil.setsANValues(SANValues); 
certutil.setSubjectDNOids(subjectDNOids);
certutil.setP7Brequest(Boolean.parseBoolean(certificateTyperequest));
certUtil.setApllicationId(applicationId);
// Converting the class object to Json
ObjectWriter ow = new ObjectMapper().writer().withDefaultPrettyPrinter(); String json = ow.writeValueAsString(certUtil);

.Net Code for createeSignCustomCertificateById

string jsonObject = "{
\"signature\":\"" + <signature> + "\"," + 
"\"userName\":\"" + <User Name> + "\"," +
"\"password\":\"" + <Password> + "\"," +
"\"profileID\":\"" + <Certificate Profile Id> + "\"," +
"\"validity\":\"" + <Validity> + "\"," + 
"\"validFrom\":\"" + < validFrom > + "\"," + 
"\"isP7Brequest \":\"" + < isP7Brequest > + "\"," + 
"\"subscriberId \":\"" + <SubscriberId> + "\"," +
"\"sANValues \":\"" + <sANValues> + "\"," +
"\"subjectDNOids\":\"" + <subjectDNOids> +
"\" applicationId\":\"" + < applicationId> +
"\"}";

userName

M

String

You need to pass username that is registered with emCA for API process.

password

M

String

You need to pass the password that is registered with emCA for API process.

profileID

M

String

Pass Certificate profile name to be used to create x509Certificate.

signature

M

String

Pass the signed data in section 5 i.e., PKCS#7 data

Signed CSR Data

subscriberId

M

String

Pass the Subscriber ID.

validity

O

String

Pass the validity in the form of (Days : Hours : Minutes : Seconds)

Days – 36135 (maximum days)

Hours - 23 (max hours)

Minutes - 59 (max minutes)

Seconds - 59 (max seconds)\

to create certificate with the given validity.

sANValues

M

String

Pass sANValues to be used to createCustomCertificateById

Example:

Note: If sAN values are not available then pass it as empty string.

subjectDNOids

M

String

Pass subjectDNOids to be used to createCustomCertificateById

Example: “2.5.4.3|Test~2.5.4.6|India~2.5.4.8|Delhi~2.5.4.7|test~2.5.4.5|77686868687~2.5.4.10|Personal~1.2.840.113549.1.9.1|test@gmail.com~2.5.4.12|test”

validFrom

O

String

Pass the validityFrom in the form of

(dd:MM:yyyy HH:mm:ss)

This parameter applies if the user certificate profile has ‘Support Customized Validity’.

isP7BRequest

M

String

String Pass “true” for p7b Certificate and “false” for .cer Certificate.

applicationId

M

String

Pass application ID.

Java Code for getPKCS12

GetKRSPkcs12 getKRSPkcs12 = new CreateCertificate();
getKRSPkcs12.setPassword(password);
getKRSPkcs12.setUserName(userName);
getKRSPkcs12.setSignature(signature);

.Net Code for getPKCS12

string jsonObject = "{
\"signature\":\"" + <signature> + "\"," + 
"\"userName\":\"" + <User Name> + "\"," +
"\"password\":\"" + <Password> +
"\"}";

signature

M

String

Generate the Signed data by passing the pfxPin, serialNumber, subscriberId

Example :

{'pfxPin': 'eMudhra@1','serialNumber':'71403fca726c27ca2ac936f3bc3f6c21','subscriberId':'12345'}

userName

M

String

You need to pass username that is registered with emCA for API process.

password

M

String

You need to pass the password that is registered with emCA for API process.

PreviousHow to Generate Signed Data (PKCS#7)NextHow to encrypt JSON object

Last updated 1 year ago

8NSName=www.e xample.com|iPAddress=127.0.0.1|registeredID=2. 10.100.2.4.5"

8NSName=www.e xample.com|iPAddress=127.0.0.1|registeredID=2. 10.100.2.4.5"

"rfc
22Name=test@gmail.com|d
"rfc
22Name=test@gmail.com|d