vim:ts=4:sw=4:expandtab:cindent:syntax=thrift Certificate Authority methods
| Service. | vim:ts=4:sw=4:expandtab:cindent:syntax=thrift Certificate Authority methods |
| Functions | |
| createCSR | Create a certificate signing request |
| uploadCSR | If you want to generate the CSR yourself, you may, but in order for us to generate the certificate, we need it uploaded and assigned an id. |
| getCSR | Retrieve the information of a given CSR id. |
| findCSR | Search for a CSR given certain criteria Optionally include the private key in the result. |
| destroyCSR | Delete a CSR and it’s private key from the database |
| checkCSRVerification | Check if CSR verification is valid yet |
| createCertificate | Create a Stackable CA signed certificate from a CSR Indicate how many days you want the cert signed for |
| uploadCertificate | If you’ve purchased your Certificate or created it in some other way, you’ll need to upload the Certificate to us before it can be installed for a Site. |
| revokeCertificate | Revoke a certificate by it’s id You can only revoke certificates that were signed by Stackable |
| unrevokeCertificate | Unrevoke a certificate by it’s id You can only unrevoke certificates that were signed by Stackable |
| destroyCertificate | Delete a certificate. |
| getCertificate | Retrieve the information of a given Certificate id |
| findCertificate | Search for a Certificate given certain criteria |
| getCAPublicKey | Request the Stackable CA public key as a PEM-encoded x509 certificate. |
Create a certificate signing request
| id | no docs (idx: 1, type: Types.CustomerId) |
| subject | no docs (idx: 2, type: Types.DistinguishedName) |
| passphrase | If present, will encrypt the private key with this passphrase (idx: 3, type: Thrift.string, optional) |
| altNames | no docs (idx: 4, type: Thrift.list (Types.SubjectAltName), optional) |
Exceptions.InvalidArguments (idx: 1)
If you want to generate the CSR yourself, you may, but in order for us to generate the certificate, we need it uploaded and assigned an id. This is how you would do this. The private key must not be passphrase encoded.
| customerId | no docs (idx: 1, type: Types.CustomerId) |
| request | no docs (idx: 2, type: Types.PEMString) |
| privateKey | no docs (idx: 3, type: Types.PEMString) |
Exceptions.InvalidArguments (idx: 1)
Retrieve the information of a given CSR id. Optionally include the private key in the result.
| id | no docs (idx: 1, type: Types.CSRId) |
| includePrivateKey | no docs (idx: 2, type: Thrift.bool, optional) |
Exceptions.InvalidArguments (idx: 1)
Search for a CSR given certain criteria Optionally include the private key in the result.
| customerId | no docs (idx: 1, type: Types.CustomerId, optional) |
| commonName | no docs (idx: 2, type: Types.CACommonName, optional) |
| includePrivateKey | no docs (idx: 3, type: Thrift.bool, optional) |
Exceptions.InvalidArguments (idx: 1)
Delete a CSR and it’s private key from the database
| id | no docs (idx: 1, type: Types.CSRId) |
Exceptions.InvalidArguments (idx: 1)
Check if CSR verification is valid yet
| customerId | no docs (idx: 1, type: Types.CustomerId) |
| domain | no docs (idx: 2, type: Types.DomainName) |
Exceptions.InvalidArguments (idx: 1)
Create a Stackable CA signed certificate from a CSR Indicate how many days you want the cert signed for
| csrId | no docs (idx: 1, type: Types.CSRId) |
| days | no docs (idx: 2, type: Types.CADays) |
Exceptions.InvalidArguments (idx: 1)
If you’ve purchased your Certificate or created it in some other way, you’ll need to upload the Certificate to us before it can be installed for a Site. This is also to be used to upload chained certificates, which you won’t have the privateKey for for obvious reasons.
| customerId | no docs (idx: 1, type: Types.CustomerId) |
| certificate | no docs (idx: 2, type: Types.PEMString) |
| privateKey | no docs (idx: 3, type: Types.PEMString, optional) |
| csrId | Provide the CSR id if we generated the CSR but it was signed elsewhere. This will bring in the privateKey for you. (idx: 4, type: Types.CSRId, optional) |
Exceptions.InvalidArguments (idx: 1)
Revoke a certificate by it’s id You can only revoke certificates that were signed by Stackable
| id | no docs (idx: 1, type: Types.CertificateId) |
Exceptions.InvalidArguments (idx: 1)
Unrevoke a certificate by it’s id You can only unrevoke certificates that were signed by Stackable
| id | no docs (idx: 1, type: Types.CertificateId) |
Exceptions.InvalidArguments (idx: 1)
Delete a certificate. Also revokes if it’s signed by Stackable.
| id | no docs (idx: 1, type: Types.CertificateId) |
Exceptions.InvalidArguments (idx: 1)
Retrieve the information of a given Certificate id
| id | no docs (idx: 1, type: Types.CertificateId) |
| includeCSR | no docs (idx: 2, type: Thrift.bool, optional) |
| includePrivateKey | no docs (idx: 3, type: Thrift.bool, optional) |
| includeChain | no docs (idx: 4, type: Thrift.bool, optional) |
Exceptions.InvalidArguments (idx: 1)
Search for a Certificate given certain criteria
| customerId | no docs (idx: 1, type: Types.CustomerId) |
| commonName | no docs (idx: 2, type: Types.CACommonName, optional) |
| validBefore | Checks that the validTo of the certificate is after this value (idx: 3, type: Types.UnixTime, optional) |
| validAfter | Checks that the validTo of the certificate is before this value (idx: 4, type: Types.UnixTime, optional) |
| includeCSR | no docs (idx: 5, type: Thrift.bool, optional) |
| includePrivateKey | no docs (idx: 6, type: Thrift.bool, optional) |
Thrift.list (Types.CertificateMeta)
Exceptions.InvalidArguments (idx: 1)