Skip to main content

1. Self Signed Certificate

Create key

POST: /v1/key

Description: Create key request.

{
    "label": "certificate_key",
    "password": null,
    "algorithm": "RSA",
    "keySize": 2048,
    "attributes": {
        "decrypt": false,
        "sign": true,
        "unwrap": false,
        "derive": false,
        "bip32": false,
        "extractable": false,
        "modifiable": true,
        "destroyable": true,
        "copyable": false
    },
    "policy": null
}

Create a self-signed certificate

POST: /v1/certificate/synchronous/selfsign

Description: Creates and attaches a self-signed certificate to the keypair.

Setting the certificateAuthority to true adds the BasicConstraint BC:CA:TRUE, should be set for intermediate and CA Authorities.

{
  "signKeyName": "certificate_key",
  "keyPassword": null,
  "validity": 3650,
  "signatureAlgorithm": "SHA256_WITH_RSA",
  "commonName": "CA-Securosys-001",
  "certificateAuthority": true,
  "keyUsage": [
    "DIGITAL_SIGNATURE",
    "KEY_CERT_SIGN"
  ],
  "extendedKeyUsage": [
    "ANY_EXTENDED_KEY_USAGE"
  ]
}