CA EE List Certificates Service - dogtagpki/pki GitHub Wiki
- Method: POST
- Path: /ca/ee/ca/listCerts
- Authentication: None
- Parameters:
  - op
  - queryCertFilter
  - serialFrom
  - serialTo
  - skipNonValid
  - querySentinelDown
  - querySentinelUp
  - direction: begin, up, down, end
  - maxCount
- The response is a dynamically generated HTML page containing JavaScript code that defines the certificate records and renders them in an HTML table.
The service is defined in CA’s web.xml:

    <servlet>
        <servlet-name>caListCerts</servlet-name>
        <servlet-class>com.netscape.cms.servlet.cert.ListCerts</servlet-class>
        <init-param>
            <param-name>GetClientCert</param-name>
            <param-value>false</param-value>
        </init-param>
        <init-param>
            <param-name>AuthzMgr</param-name>
            <param-value>BasicAclAuthz</param-value>
        </init-param>
        <init-param>
            <param-name>authority</param-name>
            <param-value>ca</param-value>
        </init-param>
        <init-param>
            <param-name>templatePath</param-name>
            <param-value>/ee/ca/queryCert.template</param-value>
        </init-param>
        <init-param>
            <param-name>ID</param-name>
            <param-value>caListCerts</param-value>
        </init-param>
        <init-param>
            <param-name>resourceID</param-name>
            <param-value>certServer.ee.certificates</param-value>
        </init-param>
        <init-param>
            <param-name>interface</param-name>
            <param-value>ee</param-value>
        </init-param>
        <init-param>
            <param-name>maxResults</param-name>
            <param-value>1000</param-value>
        </init-param>
    </servlet>

    <servlet-mapping>
        <servlet-name>caListCerts</servlet-name>
        <url-pattern>/ee/ca/listCerts</url-pattern>
    </servlet-mapping>

The servlet is defined in ListCerts.java.
The page template is defined in queryCert.template.
To call the service using curl:

    $ curl -s http://localhost.localdomain:8080/ca/ee/ca/listCerts
    ...
    <SCRIPT LANGUAGE="JavaScript">
    var header = new Object();
    var fixed = new Object();
    var recordSet = new Array;
    var result = new Object();
    var httpParamsCount = 0;
    var httpHeadersCount = 0;
    var authTokenCount = 0;
    var serverAttrsCount = 0;
    header.HTTP_PARAMS = new Array;
    header.HTTP_HEADERS = new Array;
    header.AUTH_TOKEN = new Array;
    header.SERVER_ATTRS = new Array;
    header.skipRevoked = null;
    header.issuerName = "CN=Certificate Authority,O=EXAMPLE";
    header.skipNonValid = null;
    header.maxCount = 1000;
    header.caSerialNumber = "1";
    header.querySentinelDown = null;
    header.serviceURL = "\/ca\/ee\/ca\/listCerts";
    header.totalRecordCount = 6;
    header.op = null;
    header.queryCertFilter = "(certStatus=*)";
    header.queryFilter = "(certStatus=*)";
    header.currentRecordCount = 6;
    header.querySentinelUp = "1";
    header.templateName = "queryCert";
    fixed.maxCount = 1000;
    var recordCount = 0;
    var record;
    ...
    record = new Object;
    record.HTTP_PARAMS = new Array;
    record.HTTP_HEADERS = new Array;
    record.AUTH_TOKEN = new Array;
    record.SERVER_ATTRS = new Array;
    record.revokedOn=null;
    record.revokedBy=null;
    record.signatureAlgorithm="1.2.840.113549.1.1.11";
    record.serialNumber="1";
    record.serialNumberDecimal="1";
    record.subjectPublicKeyLength=2048;
    record.version=2;
    record.type="X.509";
    record.subject="CN=Certificate Authority,O=EXAMPLE";
    record.issuedOn="1628262924";
    record.validNotBefore="1628262924";
    record.issuedBy="system";
    record.validNotAfter="2259414924";
    recordSet[recordCount++] = record;
    ...
    record.recordSet = recordSet;
    result.header = header;
    result.fixed = fixed;
    result.recordSet = recordSet;
    </SCRIPT>
    ...
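
Because the response carries the certificate records as JavaScript assignments rather than as structured data, a client that inventories certificates has to extract them from the script. The following is an added example, not code from the PKI project: it reads the scalar `header.*` and `record.*` assignments with a regular expression instead of executing the returned script. The names `parse_list_certs` and `not_after` are hypothetical, and the sample input is constructed from the output above, with a second minimal record added.

```python
import json
import re
from datetime import datetime, timezone

# Constructed sample, abridged from the response shown on this page.
SAMPLE = r'''
<SCRIPT LANGUAGE="JavaScript">
var header = new Object();
header.serviceURL = "\/ca\/ee\/ca\/listCerts";
header.totalRecordCount = 6;
record = new Object;
record.HTTP_PARAMS = new Array;
record.revokedOn=null;
record.serialNumber="1";
record.subjectPublicKeyLength=2048;
record.subject="CN=Certificate Authority,O=EXAMPLE";
record.validNotAfter="2259414924";
recordSet[recordCount++] = record;
record = new Object;
record.serialNumber="2";
recordSet[recordCount++] = record;
</SCRIPT>
'''

# Matches "header.x = <scalar>;" and "record.x=<scalar>;" where the scalar is a
# JSON-compatible string, integer or null; "new Array" and similar are skipped.
ASSIGN = re.compile(r'\b(header|record)\.(\w+)\s*=\s*("(?:[^"\\]|\\.)*"|-?\d+|null)\s*;')
NEW_RECORD = re.compile(r'\brecord\s*=\s*new Object\b')

def parse_list_certs(html):
    """Return (header, records) parsed from the page's JavaScript without running it."""
    header, records = {}, []
    for i, chunk in enumerate(NEW_RECORD.split(html)):
        rec = {}  # chunk 0 precedes the first record and only feeds the header
        for obj, name, raw in ASSIGN.findall(chunk):
            (header if obj == "header" else rec)[name] = json.loads(raw)
        if i > 0:
            records.append(rec)
    return header, records

def not_after(record):
    """validNotAfter is a string of epoch seconds in the sample output."""
    return datetime.fromtimestamp(int(record["validNotAfter"]), tz=timezone.utc)

if __name__ == "__main__":
    hdr, recs = parse_list_certs(SAMPLE)
    for r in recs:
        print(r.get("serialNumber"), r.get("subject"), r.get("subjectPublicKeyLength"))
```
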