 |
REST API
17
REST API for Luna Network HSMs
|
|
REST API
17
REST API for Luna Network HSMs
|
Generates a certificate signing request for the NTLS certificate.
Users with the following role privileges can perform this command:
cn is the common name that will be configured as part of the certificate signing request. The default common name is device's hostname.
Use: Not Required
JSON Schema:
Object
type: string
minLength: 1
maxLength: 64
pattern: ^[a-zA-Z0-9]([a-zA-Z0-9.-]{0,62}[a-zA-Z0-9])?$
Specify the duration of CSR. Default value is 3653.
Use: Not Required
JSON Schema:
Object type: integer minimum: 1 maximum: 3653
Two-letter code of the country where the organization is located. Default value is "CA".
Use: Not Required
JSON Schema:
Object
type: string
minLength: 2
maxLength: 2
pattern: ^(A-Z){2}$
State in which the organization is located. Default value is "Ontario".
Use: Not Required
JSON Schema:
Object type: string minLength: 1 maxLength: 64 pattern: ^[A-Za-z](?:[A-Za-z0-9 _]*[A-Za-z0-9_])?$
City in which the organization is located. Default value is "Ottawa".
Use: Not Required
JSON Schema:
Object type: string minLength: 1 maxLength: 64 pattern: ^[A-Za-z](?:[A-Za-z0-9 _.-]*[A-Za-z0-9_.-])?$
The full legal name of the organization. Default value is "Thales".
Use: Not Required
JSON Schema:
Object type: string minLength: 1 maxLength: 64 pattern: ^[A-Za-z](?:[A-Za-z0-9 _]*[A-Za-z0-9_])?$
Division of the organization.
Use: Not Required
JSON Schema:
Object type: string minLength: 1 maxLength: 64 pattern: ^[A-Za-z](?:[A-Za-z0-9 _]*[A-Za-z0-9_])?$
Email address used to contact the owner.
Use: Not Required
JSON Schema:
Object
type: string
minLength: 3
maxLength: 128
Pattern: ^[a-zA-Z0-9_.%+-]+@[a-zA-Z0-9.-]+.[a-zA-Z]{2,}$
In addition to FQDN, when intended to support other subdomains.
Use: Not Required
JSON Schema:
Object
type: array
subjectAltName: object
type: string
minLength: 1
maxLength: 64
minItems: 1
maxItems: 10
pattern: ^((IP|DNS):[a-zA-Z0-9_.-]+)$
Size of the key. Valid sizes are 2048, 3072 and 4096. Default keySize is 2048 when keyType is "rsa".
Use: Not Required
JSON Schema:
Object type: integer
Type of the key. Valid values are "rsa" and "ecc". Default type is "rsa".
Use: Not Required
JSON Schema:
Object type: string minLength: 3 maxLength: 3 pattern: ^(rsa|ecc)$
Elliptical curve name. Valid values are "secp256k1", "secp384r1", "secp521r1" and "prime256v1". Default is "secp384r1".
Use: Not Required
JSON Schema:
Object type: string minLength: 9 maxLength: 10 pattern: ^(secp256k1|secp384r1|secp521r1|prime256v1)$
Represents the Domain Components (DC) in the certificate's subject.
Use: Not Required
JSON Schema:
Object
type: array
dcComponents: Object
type: string
minLength: 1
maxLength: 64
minItems: 1
maxItems: 10
pattern: ^[a-zA-Z0-9_.-]*$
Data buffer containing the file contents.
We failed to parse your request.
Failed to generate a certificate signing request.
POST
https://1.2.3.4:8443/api/lunasa/ntls/csr
{
"cn" : "1.2.3.5",
"days": 30,
"country" : "CA",
"state" : "Ontario",
"location": "Ottawa",
"organization" : "Thales",
"orgunit" : "GPHSM",
"email": "sample@email.com",
"subjectAltNames" : ["IP:1.2.3.4", "DNS:example.com"],
"dcComponents": ["example", "com"],
"keySize" : 2048,
"keyType": "rsa"
}
{
}
This resource returns the contents of a file in a buffer.
Below is an example of getting the contents in python. We iterate through the contents and save them to a file.
r = requests.post("/api/lunasa/ntls/csr",
stream=True,
cookies=cookies,
verify=False,
allow_redirects=False,
data=payload)
with open("ssl.csr", 'wb') as csr:
for chunk in r.iter_content(chunk_size=1024):
if chunk:
csr.write(chunk)
csr.close()