Cryptographic Security Platform 1.0.0 - Installation and administration guide [PDF][Releases]

See below for issuing certificates with the REST API exposed by the embedded CA Gateway of the Certificate Authority solution.

To issue certificates with a REST client

Install a REST client.
As the client credential, select the administrator PKCS #12 automatically generated when Managing Certificate Authority instances.
Import the Swagger specification, which is available at the following endpoint.

https://{pkihub}:7443/cagw

Where {pkihub} is the hostname or IP address of the machine hosting Cryptographic Security Platform.
Send a REST requests to the issuing CA endpoint – for example:

curl --request POST --header "Accept: application/json" --header "Content-Type: application/json" -d @enrollments.json --cert-type P12 --cert $P12:$PWD https://$PKIHUB:7443/cagw/v1/certificate-authorities/$ORG_ID~$CA_ID/enrollments | jq .

Where :
- $P12 is the path of the PKCS#12 file.
- $PWD is the password of the PKCS 12 file.
- $PKIHUB is the hostname or IP address of the machine hosting Cryptographic Security Platform.
- $ORG_ID is the identifier of the organization to which the CA belongs.
- $CA_ID is the identifier of the issuing CA.