Certificate REST API
- Karsten Markmann
Public Rest API
PGP WebService Interface for Certificate Metadata
Prerequisites
Before you can use this service, you will need to check that the UsageCode, CertificateTypeCode and IdentificationType and IdentificationValue , you are about to use, are created.
- CertificateTypeCode should be present in the table: partner.tPartnerCertificateTypes
- UsageCodes should be present in the table: partner.tPartnerCertificateUsages
- IdentificationType should be present in the table: partner.tIdentificationTypes
- IdentificationValue should be preseent in the table: partner.tPartner_IdentificationTypes
Authentication
We are doing basic authentication for all the web service calls via Link user.
Permissions
The create-certificate a permission called Partner_Action_CreateCertificate_External_ForeignKey
The create-certificate for updating an existing certificate requires a permission called Partner_Action_UpdateCertificate_External_ForeignKey
The delete-certificate requires a permission called Partner_Action_DeleteCertificate_External_ForeignKey
Available methods
The PGP Web service interface has following methods available.The webservice interface is implemented at recieve site,so {host} represents the receive site URL
Get-Certificate ([HttpGet]) ( http://{host}/api/PartnerExternalCertificateSystem/get-certificate ) The get certificate method will take one parameter called externalForeignKey and return the certificate metadata if it is present e.g http://{host}/api/PartnerExternalCertificateSystem/get-certificate?externalForeignKey=SystemName_Cert0001 .
Delete-Certificate ([HttpDelete]) ( http://{host}/api/PartnerExternalCertificateSystem/delete-certificate ) The delete certificate method will take one parameter called externalForeignKey and deletes the certificate metadata if it is present e.g http://{host} /api/PartnerExternalCertificateSystem/delete-certificate?externalForeignKey=SystemName_Cert0001. It needs a permission in Link called Partner_Action_DeleteCertificate_External_ForeignKey
Save-Certificate ([HttpPost]) ( http://{host}/api/PartnerExternalCertificateSystem/save-certificate ) The save certificate method will create or update the certificate metadata, if it already exist against the externalForeignKey . All the parameters will be mandatory except a comment. It needs a permission for adding certficate called Partner_Action_CreateCertificate_External_ForeignKey and also a permission for update cerificate called Partner_Action_UpdateCertificate_External_ForeignKey It will take following parameters in the body
Body properties
- FriendlyName [string (1 - 250)]
- ValidFrom (It should be in yyyy-MM-dd date format)
- ValidTo ( yyyy-MM-dd date format)
- StartUsing ( yyyy-MM-dd date format)
- SerialNumber [string (1 - 50)]
- Comment (Optional)
- HasPrivateKey (bit) (true or false)
- Issuer [string (1 - 250)]
- CertificateTypeCode [string (1 - 50)] (e.g X509 )
- ExternalForeignKey [string (1 - 150)]
- UsageCodes (It's a comma-separated usage code e.g As2, As4 )
- IdentificationType [string (1 - 255)] ( partner identification type )
- IdentificationValue [string (1 - 500)] (partner identification value)
Example
Request Header
Content-Type: application/json
Authorization: Basic RGF2aWQ6RW5UbzM0RmVtIQ== (Base64 encoded LINK user, it can be generated from https://www.base64encode.org/)
Request Body
{
"ExternalForeignKey":"Server_Cert000010",
"FriendlyName":"testAs4",
"IdentificationType":"Mutually defined",
"IdentificationValue":"Yih",
"UsageCodes":"AS2,AS4",
"ValidFrom":"2017-12-07",
"ValidTo":"2018-12-07T10:16:27+01:00",
"StartUsing":"2017-12-27",
"SerialNumber":"2122F3F8",
"Comment":"",
"HasPrivateKey":false,
"Issuer":"CN=biz, OU=bizbc2, O=bizb-c2, L=bizb-c2, S=bizbc2, C=EU",
"Subject":"CN=bizbrc2, OU=bizbc2, O=bizbc2, L=bizbc2, S=bizbc2, C=EU",
"CertificateTypeCode":"X509"
}
ContentType
Note: All the requests need to pass application/json as a content type.
Content on this page:
The information on this page is based on Link 2.10