CA Get Authority Certificate REST API - dogtagpki/pki GitHub Wiki

Request

  • Path: /ca/rest/authorities/{id}/cert

  • Method: GET

  • Headers:

    • Accept: application/x-pem-file, application/pkix-cert

Response

PEM
$ curl \
    -k \
    -s \
    -H "Accept: application/x-pem-file" \
    https://localhost.localdomain:8443/ca/rest/authorities/b6c33f78-74ce-4ce8-9368-132778770572/cert
-----BEGIN CERTIFICATE-----
MIIEfTCCAuWgAwIBAgIQZU2UOsOp00CCc0s5+cMOMjANBgkqhkiG9w0BAQsFADBIMRAwDgYDVQQK
DAdFWEFNUExFMRMwEQYDVQQLDApwa2ktdG9tY2F0MR8wHQYDVQQDDBZDQSBTaWduaW5nIENlcnRp
ZmljYXRlMB4XDTIzMTAyNDAxNDkwMFoXDTQzMTAyNDAxNDkwMFowSDEQMA4GA1UECgwHRVhBTVBM
RTETMBEGA1UECwwKcGtpLXRvbWNhdDEfMB0GA1UEAwwWQ0EgU2lnbmluZyBDZXJ0aWZpY2F0ZTCC
AaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBANglqsosqV9PlEH1bJ2oULYmlSEpYDwx8qKD
B5G29ZIECOMQGpCReuw/Ex4W6aZlWd3g1uxHJn3+zfQTWPuXyq8FPhVmW3XGyIHWTEXU5pPX6M3S
tp+7hBGfCBuRl00ZUiVBieMHzlZsnhsjrMc6zxrxUN1DgnXjaS7RB4fqPfgokhZS/EFA7auKm5B+
YaRznxHBTvQK8s45aLPPY7jBZ+JdzxE1RgKG4bHLgPKEW37w2y1gOHBpN/wc9cR7NbhDbJx99aCh
qvRnd48yYuqwH5mR3JmqyXqBeB4jsP5T5tGXhs2PEKp8umAXaPLtw6mrB7ruNZehW5dRQLgbx2Fo
3PTPQ/n3HpLVSpxRvCosNGVE1e7wW7KcKUWo90HF7po0ZxcSwvCFnUQsrfQ9nhTqQik/I1HMAsuI
4ipwUuD2BQmlYzOkFdqUkdh8JFxeHw+M/JH9uzBDKaG/u/YlEoiIW1ZQyDxbozMJE3wHxHsveYEZ
yQNTTBJqUM0g3frF34z1mwIDAQABo2MwYTAfBgNVHSMEGDAWgBT8bh/F26l1ddxUzlLagnRl0HvK
JTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBxjAdBgNVHQ4EFgQU/G4fxdupdXXcVM5S
2oJ0ZdB7yiUwDQYJKoZIhvcNAQELBQADggGBAHW6O6C3dCMhzYTkrJrQio8CPAWGAhytBMzRxB/B
Cl0YsqWQV5qqBRhHbkabu9cmNiNOFRjiRRKIVErCj9cVWKH5DADWYq/MmB68T+ZlBOlURGamQOmI
AwK8ekC6SKLt+RiWBKbYVz0dSAJZHWcBu2OQ8U5CAZ+eBxshqAPDiL1uq8VpMq72k2+wl+S+s1hm
QOryMWdf3wz7aohZPQmmPPD2yLV4tiR4GwNEwt62GKQoI9Dzq8DNl52ZBngXf6cVwsn7EbM1os+S
zEvnHPu2P8y87PbXGO0KP+lgCMXkwf6FYPMCwNmTBTrFKWzfMnMHPVq22XFqi2c5zfQI9gIbiutH
++wqp0aacb+urQtYMHKdMFtN/Nwu+N07vJT3QM7Q22mMZ7JW6h5mfBFZjbLcwBAih1xfJS7v4DN3
DznwXqTlFtRJYKinVzF9QbWiyE+rO1kqmUlnUJYdNsazLO9JwTSP4G4/SYVaSFBDfO9LOd1KOqPw
2/Nw2l3voI5pMovxhw==
-----END CERTIFICATE-----
DER
$ curl \
    -k \
    -s \
    -H "Accept: application/pkix-cert" \
    -o - \
    https://localhost.localdomain:8443/ca/rest/authorities/803ff016-8e45-4d82-aa36-df23f314ae31/cert | openssl x509 -text -noout -inform der
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            ae:53:ae:f7:99:67:10:12:97:be:db:cd:55:bb:56:ca
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: O = EXAMPLE, OU = pki-tomcat, CN = CA Signing Certificate
        Validity
            Not Before: Oct 24 17:43:02 2023 GMT
            Not After : Oct 24 01:49:00 2043 GMT
        Subject: O = EXAMPLE, CN = Certificate Authority
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (3072 bit)
                Modulus:
                    00:d8:7c:05:34:25:d8:7c:c7:66:35:49:af:82:52:
                    02:5f:23:c6:21:44:6f:ed:cc:e7:0f:e6:80:e4:8c:
                    41:98:a4:c9:65:b0:e9:09:65:31:06:9c:dd:4a:e3:
                    91:b8:1d:c3:f0:15:ca:0d:6f:0c:a3:9a:c1:0b:7d:
                    a9:e9:dd:c8:c8:36:aa:0a:c8:7b:88:64:4b:94:59:
                    37:f4:df:25:c1:e4:09:87:7f:60:68:e0:8b:4d:cf:
                    dd:a5:e7:94:15:46:24:0c:c8:d6:59:40:d0:21:b5:
                    61:6d:50:22:59:c4:24:e2:4b:e8:ef:94:00:12:36:
                    66:f1:62:2e:b5:16:71:bb:5e:c0:26:24:be:c4:4b:
                    16:f7:98:7f:ba:49:c3:8b:fb:06:3b:84:e9:be:21:
                    32:6a:dd:23:d5:41:f1:39:7f:f5:46:f9:f3:72:58:
                    f2:51:f3:8b:32:51:98:83:b0:81:e8:73:85:dd:25:
                    c6:d8:f1:54:39:57:0c:18:85:0f:a9:dd:90:c5:e8:
                    df:50:42:90:44:97:ae:a3:24:42:3c:e1:38:ca:d3:
                    68:15:48:7d:02:78:40:57:de:99:9e:cd:6d:43:a6:
                    28:80:89:f4:a4:21:2e:ed:29:3d:dc:d7:7f:ba:f4:
                    61:4d:7c:91:76:43:99:99:23:7d:07:ce:a8:e4:ea:
                    cf:be:84:b9:38:08:2a:6c:0d:6d:a2:b6:c4:3a:02:
                    7a:39:9d:3a:58:43:64:25:7c:16:e0:55:88:4d:3b:
                    76:e9:ea:e6:5c:19:bf:c1:2a:42:e2:80:44:e2:fb:
                    03:bf:cb:89:d8:20:60:7b:37:50:00:53:8e:fe:61:
                    28:9e:af:39:4e:d0:a6:1e:9a:30:35:a8:d6:4e:04:
                    98:0b:aa:70:71:c3:e4:27:aa:33:f2:1e:c8:f3:0b:
                    84:82:2f:86:8b:23:8e:a0:59:44:bb:b5:a5:c2:0b:
                    5b:ed:79:b6:9d:e1:67:fd:eb:00:1f:9b:26:ba:77:
                    d8:4a:17:92:99:52:7c:d2:cf:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier:
                FC:6E:1F:C5:DB:A9:75:75:DC:54:CE:52:DA:82:74:65:D0:7B:CA:25
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Digital Signature, Non Repudiation, Certificate Sign, CRL Sign
            X509v3 Subject Key Identifier:
                9A:0A:C0:EB:76:C2:DB:AC:23:30:A7:20:E3:5D:AA:C7:6D:AB:36:EF
            Authority Information Access:
                OCSP - URI:http://fedora:8080/ca/ocsp
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        57:a4:3f:c4:7a:98:97:7c:08:4e:d5:26:52:e4:7f:3e:c7:7f:
        67:4a:47:cc:e0:e4:07:71:a8:20:c5:37:76:f7:ba:14:15:99:
        3f:f9:1e:b4:61:52:0f:98:2d:b4:09:e8:0b:a4:b4:44:9a:df:
        96:c4:05:ea:89:cd:d4:16:bc:6d:04:10:04:16:58:29:91:f7:
        68:a2:ec:0e:d1:d2:50:10:cd:12:f5:33:34:34:2b:5f:0c:b8:
        da:f6:d4:c5:14:a1:75:e5:49:97:d2:8e:5f:6b:b5:ab:59:4b:
        b7:34:e3:1a:7b:fd:0c:d1:d8:e0:5b:df:f6:94:2c:b8:32:ea:
        93:b1:48:b8:df:e9:8b:d3:37:cf:71:da:5c:b9:bf:32:4c:4f:
        85:da:f7:a2:60:24:a2:91:d8:82:f4:f3:bb:b3:a7:1a:bc:16:
        cc:49:7e:6c:34:21:c2:8f:a3:18:9e:aa:7d:7c:d6:7e:fb:2e:
        ca:95:4b:9f:79:7e:83:aa:2d:bd:6c:af:82:d9:bd:4b:3d:1b:
        21:7f:ba:62:84:a0:6f:2c:53:29:b4:0a:c6:89:d1:28:04:26:
        7c:59:03:07:66:2d:85:e8:dd:72:82:f4:fc:77:64:2b:66:93:
        66:0a:5a:bb:05:dc:92:62:77:8a:67:c3:29:9d:01:5d:1c:2a:
        86:9b:ee:3a:d4:08:0b:0e:0c:ba:b1:fe:bf:cd:96:13:7f:9f:
        6b:b2:f4:7b:39:d7:ae:d9:ff:72:c0:77:ff:9c:ff:ca:5d:aa:
        d0:20:07:34:d4:0c:ed:9d:20:74:d9:60:ad:78:e1:1b:bd:3c:
        ea:64:cf:e4:df:55:f6:d8:e3:9c:cd:16:e9:fd:75:41:43:76:
        02:f4:df:06:08:a2:59:1a:53:c8:8f:a1:18:73:5b:59:29:2b:
        49:5c:f1:c2:ac:fb:fd:a7:18:75:4a:3f:af:65:7a:78:9b:c1:
        0e:51:4a:a4:08:ca:04:3a:13:6b:63:11:d8:3f:ae:74:58:51:
        eb:19:43:83:e7:67
⚠️ **GitHub.com Fallback** ⚠️