Installation and usage of the platform

REST API: retrieving certificates¶

To request a certificate from a node certificate store use the methods from the pki/certificate group. With these methods you can retrieve a certificate by different fields:

/pki/certificate/by-dn/%percent-encoded-DN% – retrieve a certificate by its DN (distinguished name),
/pki/certificate/by-dn-hash/%DN-hash-string% – retrieve a certificate by its DN Hash,
/pki/certificate/by-public-key/%public-key-base58% – retrieve a certificate by its publicKey,
/pki/certificate/by-fingerprint/%fingerprint-base64% – retrieve a certificate by its fingerprint.

In the request, these methods take the value of the corresponding certificate field and, optionally, the plainText parameter, which determines the format of the response.

If a certificate exists, the node returns the certificate in DER format (as it is recorded in the node certificate store), with bytes encoded in Base64 format in the response of each of these methods. If the plainText parameter in the method request is set to true, then the certificate is returned in plainText format.

If no such certificate exists, then each of these methods returns an error with the 404 Not Found code.

Note

The same data as the /pki/certificate group REST methods return, can be retrieved using the gRPC PkiPublicService methods.

/pki/certificate group methods authorization¶

In case of API-KEY, authorization is not required.

In case of OAuth2 authorization, the user role in JWT token is required.

GET /pki/certificate/by-dn/%percent-encoded-DN%¶

The method returns the certificate by its distinguished name recorded in the DN field.

An example of the GET /pki/certificate/by-dn/%percent-encoded-DN% method request:

Note

The same data as the GET /pki/certificate/by-dn/%percent-encoded-DN% REST method returns, can be retrieved using the GetCertificateByDn(CertByDNRequest) gRPC method.

GET /pki/certificate/by-dn-hash/%DN-hash-string%¶

The method returns the certificate by SHA-1 hash (Keccak) from the DN certificate field.

Note

The same data as the GET /pki/certificate/by-dn-hash/%DN-hash-string% REST method returns, can be retrieved using the GetCertificateByDnHash(CertByDNHashRequest) gRPC method.

GET /pki/certificate/by-public-key/%public-key-base58%¶

The method returns the certificate by its publicKey.

Note

The same data as the GET /pki/certificate/by-public-key/%public-key-base58% REST method returns, can be retrieved using the GetCertificateByPublicKey(CertByPublicKeyRequest) gRPC method.

GET /pki/certificate/by-fingerprint/%fingerprint-base64%¶

The method returns the certificate by its fingerprint.

Note

The same data as the GET /pki/certificate/by-fingerprint/%fingerprint-base64% REST method returns, can be retrieved using the GetCertificateByFingerprint(CertByFingerprintRequest) gRPC method.