These are the steps you need to complete before moving forward.

  1. Before using the emCA APIs, you must register your application as an external application in emCA.

  2. To register your application, you must first share the username, password, and IP address of the external application with the emCA team.

Steps to be followed by the emCA team.

Once the emCA team has received the username, password, and IP address, an emCA administrator will log in to the emCA portal as an administrator and navigate to Application Settings > External Applications.

click on the "+ New" button and enter the username, password, and IP address of the external application.

Once the details have been entered, the administrator will click on "Proceed".

A "Verify and Confirm" page will be displayed, where the administrator must verify the entered details and authenticate by entering their username and password.

The administrator will then click on "Sign and Save".

The external application will be successfully registered and a PFX file will be generated.

The CA administrator will need to click on the "Download" button to download the PFX file. After that, they will send the PFX file and the AES 256 key to the external application team. Once the external team receives them, the emCA team will securely send the PFX file and AES key to the external team.


  1. Use the PFX file (PKCS#12 soft token certificate) for signing and the AES 256 key for encryption.

  2. When calling the API, you must pass the same username and password as a parameter.

  3. Only requests from the registered IP address will be accepted and processed.


  • Developer environment/hosting server to integrate the third-party application.

  • Network connection to communicate with the emCA API.


  • In this section, "emCA Team" refers to the client's emCA team.

  • Replace "" with the actual domain name of the respective functionality.

Last updated