PKI Cloud CA API

The resources use a data model that is supported by a set of client-side libraries that are made available on the files and libraries page.

There is a WADL document available that describes the resources API.

You may also enjoy the Swagger UI provided for this API.

name	path	methods	description
CaResource	`/ca` `/ca/{ca}` `/createcrl/{ca}` `/getcrl/{ca}`	`GET` `GET` `GET` `GET`	List and manage an Admin's Certificate Authorities.
CertResource	`/eeprofiles` `/certprofiles/{eeprofile}` `/findcerts/{user}` `/getcert/{serial}/{issuer}` `/markrecover/{serial}/{issuer}` `/recover/{serial}/{issuer}` `/softtokenrequest/{keyspec}/{keyalg}` `/revokecert/{issuer}/{serial}/{reason}`	`GET` `GET` `GET` `GET` `POST` `POST` `POST` `GET`	Issue and revoke user certificates. Create user keystores. List certificate profiles.
PublicResource	`/pickup` `/enrol/{certtype}`	`POST` `POST`	Certificate enrollment and collection for certificate users.
TestResource	`/ca/{ca}` `/createca/{ca}/{dn}/{validity}/{keysize}/{algorithm}`	`DELETE` `GET`	Create and delete CAs quickly for test purposes. Generally CAs should be created through the backend CA admin portal, not this API.
UserResource	`/revokeuser` `/users` `/users/{user}` `/revokeuser/{user}/{reason}`	`POST` `GET POST` `GET` `GET`	Create, list, search, revoke and delete certificate users.

JSON

type	description
CertificateHolder
ExtendedInformationWS	Java class for extendedInformationWS complex type. The following schema fragment specifies the expected content contained within this class. <complexType name="extendedInformationWS"> <complexContent> <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> <sequence> <element name="name" type="{http://www.w3.org/2001/XMLSchema}string" minOccurs="0"/> <element name="value" type="{http://www.w3.org/2001/XMLSchema}string" minOccurs="0"/> </sequence> </restriction> </complexContent> </complexType>
NameAndId	Java class for nameAndId complex type. The following schema fragment specifies the expected content contained within this class. <complexType name="nameAndId"> <complexContent> <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> <sequence> <element name="id" type="{http://www.w3.org/2001/XMLSchema}int"/> <element name="name" type="{http://www.w3.org/2001/XMLSchema}string" minOccurs="0"/> </sequence> </restriction> </complexContent> </complexType>
RevokeStatus	Java class for revokeStatus complex type. The following schema fragment specifies the expected content contained within this class. <complexType name="revokeStatus"> <complexContent> <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> <sequence> <element name="certificateSN" type="{http://www.w3.org/2001/XMLSchema}string" minOccurs="0"/> <element name="issuerDN" type="{http://www.w3.org/2001/XMLSchema}string" minOccurs="0"/> <element name="reason" type="{http://www.w3.org/2001/XMLSchema}int"/> <element name="revocationDate" type="{http://www.w3.org/2001/XMLSchema}dateTime" minOccurs="0"/> </sequence> </restriction> </complexContent> </complexType>
SuccessResponse	Wrapper for generic object, typically a message to indicate a successful transaction or a byte array that will be base64 encoded.
User	End-entity certificate holder user ID.
UserDataVOWS	Java class for userDataVOWS complex type. The following schema fragment specifies the expected content contained within this class. <complexType name="userDataVOWS"> <complexContent> <restriction base="{http://www.w3.org/2001/XMLSchema}anyType"> <sequence> <element name="caName" type="{http://www.w3.org/2001/XMLSchema}string" minOccurs="0"/> <element name="cardNumber" type="{http://www.w3.org/2001/XMLSchema}string" minOccurs="0"/> <element name="certificateProfileName" type="{http://www.w3.org/2001/XMLSchema}string" minOccurs="0"/> <element name="certificateSerialNumber" type="{http://www.w3.org/2001/XMLSchema}integer" minOccurs="0"/> <element name="clearPwd" type="{http://www.w3.org/2001/XMLSchema}boolean"/> <element name="email" type="{http://www.w3.org/2001/XMLSchema}string" minOccurs="0"/> <element name="endEntityProfileName" type="{http://www.w3.org/2001/XMLSchema}string" minOccurs="0"/> <element name="endTime" type="{http://www.w3.org/2001/XMLSchema}string" minOccurs="0"/> <element name="extendedInformation" type="{http://ws.protocol.core.ejbca.org/}extendedInformationWS" maxOccurs="unbounded" minOccurs="0"/> <element name="hardTokenIssuerName" type="{http://www.w3.org/2001/XMLSchema}string" minOccurs="0"/> <element name="keyRecoverable" type="{http://www.w3.org/2001/XMLSchema}boolean"/> <element name="password" type="{http://www.w3.org/2001/XMLSchema}string" minOccurs="0"/> <element name="sendNotification" type="{http://www.w3.org/2001/XMLSchema}boolean"/> <element name="startTime" type="{http://www.w3.org/2001/XMLSchema}string" minOccurs="0"/> <element name="status" type="{http://www.w3.org/2001/XMLSchema}int"/> <element name="subjectAltName" type="{http://www.w3.org/2001/XMLSchema}string" minOccurs="0"/> <element name="subjectDN" type="{http://www.w3.org/2001/XMLSchema}string" minOccurs="0"/> <element name="tokenType" type="{http://www.w3.org/2001/XMLSchema}string" minOccurs="0"/> <element name="username" type="{http://www.w3.org/2001/XMLSchema}string" minOccurs="0"/> </sequence> </restriction> </complexContent> </complexType>
UserRequest
UserRevoke	A request to revoke and/or delete a single user (used in batch revocation).
UsernamePassword

REST/HTTP API for managing certificate authorities and user certificates.

Resources

Data Types

JSON