See below for issuing certificates with the REST API exposed by the embedded CA Gateway of the Certificate Authorities solution.
To issue certificates with a REST client
- Install a REST client.
- As the client credential, select the administrator PKCS #12 automatically generated when Creating Certificate Authority instances.
- Import the Swagger specification, which is available at the following endpoint. Where
https://{pkihub}:7443/cagw{pkihub}is the hostname or IP address of the machine hosting PKI Hub. Send a REST requests to the issuing CA endpoint – for example:
Where :curl --request POST --header "Accept: application/json" --header "Content-Type: application/json" -d @enrollments.json --cert-type P12 --cert $P12:$PWD https://$PKIHUB:7443/cagw/v1/certificate-authorities/$ORG_ID~$CA_ID/enrollments | jq .$P12is the path of the PKCS#12 file.$PWDis the password of the PKCS 12 file.$PKIHUBis the hostname or IP address of the machine hosting PKI Hub.$ORG_IDis the identifier of the organization to which the CA belongs.$CA_IDis the identifier of the issuing CA.