CA Get Profile REST API - dogtagpki/pki GitHub Wiki
JSON
$ curl \ -k \ -s \ -H "Accept: application/json" \ --cookie cookies \ https://localhost.localdomain:8443/ca/rest/profiles/caUserCert | python -m json.tool { "id": "caUserCert", "classId": "caEnrollImpl", "name": "Manual User Dual-Use Certificate Enrollment", "description": "This certificate profile is for enrolling user certificates.", "enabled": true, "visible": false, "enabledBy": "admin", "authzAcl": "", "renewal": false, "inputs": [ { "id": "i1", "ClassID": "keyGenInputImpl", "Name": "Key Generation", "ConfigAttribute": [], "Attribute": [ { "name": "cert_request_type", "Descriptor": { "Syntax": "keygen_request_type", "Description": "Key Generation Request Type" } }, ... ] }, { "id": "i2", "ClassID": "subjectNameInputImpl", "Name": "Subject Name", "ConfigAttribute": [], "Attribute": [ { "name": "sn_uid", "Descriptor": { "Syntax": "string", "Description": "UID" } }, ... ] }, { "id": "i3", "ClassID": "submitterInfoInputImpl", "Name": "Requestor Information", "ConfigAttribute": [], "Attribute": [ { "name": "requestor_name", "Descriptor": { "Syntax": "string", "Description": "Requestor Name" } }, ... ] } ], "outputs": [ { "id": "o1", "name": "Certificate Output", "classId": "certOutputImpl", "attributes": [ { "name": "pretty_cert", "Descriptor": { "Syntax": "pretty_print", "Description": "Certificate Pretty Print" } }, ... ] } ], "policySets": { "userCertSet": [ { "id": "1", "def": { "name": "Subject Name Default", "classId": "userSubjectNameDefaultImpl", "text": "This default populates a User-Supplied Certificate Subject Name to the request.", "attributes": [ { "name": "name", "Descriptor": { "Syntax": "string", "Description": "Subject Name" } } ], "params": [ { "name": "useSysEncoding", "value": "" } ] }, "constraint": { "name": "Subject Name Constraint", "text": "This constraint accepts the subject name that matches UID=.*", "classId": "subjectNameConstraintImpl", "constraints": [ { "name": "pattern", "descriptor": { "Syntax": "string", "Description": "Subject Name Pattern" }, "value": "UID=.*" } ] } }, ... ] }, "xmloutput": false }
Raw
$ curl \ -k \ -s \ --cookie cookies \ https://localhost.localdomain:8443/ca/rest/profiles/caUserCert/raw auth.class_id= classId=caEnrollImpl desc=This certificate profile is for enrolling user certificates. enable=true enableBy=admin input.i1.class_id=keyGenInputImpl input.i2.class_id=subjectNameInputImpl input.i3.class_id=submitterInfoInputImpl input.list=i1,i2,i3 name=Manual User Dual-Use Certificate Enrollment output.list=o1 output.o1.class_id=certOutputImpl policyset.list=userCertSet policyset.userCertSet.1.constraint.class_id=subjectNameConstraintImpl policyset.userCertSet.1.constraint.name=Subject Name Constraint policyset.userCertSet.1.constraint.params.accept=true policyset.userCertSet.1.constraint.params.pattern=UID=.* policyset.userCertSet.1.default.class_id=userSubjectNameDefaultImpl policyset.userCertSet.1.default.name=Subject Name Default policyset.userCertSet.1.default.params.name= policyset.userCertSet.10.constraint.class_id=renewGracePeriodConstraintImpl policyset.userCertSet.10.constraint.name=Renewal Grace Period Constraint policyset.userCertSet.10.constraint.params.renewal.graceAfter=30 policyset.userCertSet.10.constraint.params.renewal.graceBefore=30 policyset.userCertSet.10.default.class_id=noDefaultImpl policyset.userCertSet.10.default.name=No Default policyset.userCertSet.2.constraint.class_id=validityConstraintImpl policyset.userCertSet.2.constraint.name=Validity Constraint policyset.userCertSet.2.constraint.params.notAfterCheck=false policyset.userCertSet.2.constraint.params.notBeforeCheck=false policyset.userCertSet.2.constraint.params.range=365 policyset.userCertSet.2.default.class_id=validityDefaultImpl policyset.userCertSet.2.default.name=Validity Default policyset.userCertSet.2.default.params.range=180 policyset.userCertSet.2.default.params.startTime=0 policyset.userCertSet.3.constraint.class_id=keyConstraintImpl policyset.userCertSet.3.constraint.name=Key Constraint policyset.userCertSet.3.constraint.params.keyParameters=1024,2048,3072,4096 policyset.userCertSet.3.constraint.params.keyType=RSA policyset.userCertSet.3.default.class_id=userKeyDefaultImpl policyset.userCertSet.3.default.name=Key Default policyset.userCertSet.4.constraint.class_id=noConstraintImpl policyset.userCertSet.4.constraint.name=No Constraint policyset.userCertSet.4.default.class_id=authorityKeyIdentifierExtDefaultImpl policyset.userCertSet.4.default.name=Authority Key Identifier Default policyset.userCertSet.5.constraint.class_id=noConstraintImpl policyset.userCertSet.5.constraint.name=No Constraint policyset.userCertSet.5.default.class_id=authInfoAccessExtDefaultImpl policyset.userCertSet.5.default.name=AIA Extension Default policyset.userCertSet.5.default.params.authInfoAccessADEnable_0=true policyset.userCertSet.5.default.params.authInfoAccessADLocationType_0=URIName policyset.userCertSet.5.default.params.authInfoAccessADLocation_0= policyset.userCertSet.5.default.params.authInfoAccessADMethod_0=1.3.6.1.5.5.7.48.1 policyset.userCertSet.5.default.params.authInfoAccessCritical=false policyset.userCertSet.5.default.params.authInfoAccessNumADs=1 policyset.userCertSet.6.constraint.class_id=keyUsageExtConstraintImpl policyset.userCertSet.6.constraint.name=Key Usage Extension Constraint policyset.userCertSet.6.constraint.params.keyUsageCritical=true policyset.userCertSet.6.constraint.params.keyUsageCrlSign=false policyset.userCertSet.6.constraint.params.keyUsageDataEncipherment=false policyset.userCertSet.6.constraint.params.keyUsageDecipherOnly=false policyset.userCertSet.6.constraint.params.keyUsageDigitalSignature=true policyset.userCertSet.6.constraint.params.keyUsageEncipherOnly=false policyset.userCertSet.6.constraint.params.keyUsageKeyAgreement=false policyset.userCertSet.6.constraint.params.keyUsageKeyCertSign=false policyset.userCertSet.6.constraint.params.keyUsageKeyEncipherment=true policyset.userCertSet.6.constraint.params.keyUsageNonRepudiation=true policyset.userCertSet.6.default.class_id=keyUsageExtDefaultImpl policyset.userCertSet.6.default.name=Key Usage Default policyset.userCertSet.6.default.params.keyUsageCritical=true policyset.userCertSet.6.default.params.keyUsageCrlSign=false policyset.userCertSet.6.default.params.keyUsageDataEncipherment=false policyset.userCertSet.6.default.params.keyUsageDecipherOnly=false policyset.userCertSet.6.default.params.keyUsageDigitalSignature=true policyset.userCertSet.6.default.params.keyUsageEncipherOnly=false policyset.userCertSet.6.default.params.keyUsageKeyAgreement=false policyset.userCertSet.6.default.params.keyUsageKeyCertSign=false policyset.userCertSet.6.default.params.keyUsageKeyEncipherment=true policyset.userCertSet.6.default.params.keyUsageNonRepudiation=true policyset.userCertSet.7.constraint.class_id=noConstraintImpl policyset.userCertSet.7.constraint.name=No Constraint policyset.userCertSet.7.default.class_id=extendedKeyUsageExtDefaultImpl policyset.userCertSet.7.default.name=Extended Key Usage Extension Default policyset.userCertSet.7.default.params.exKeyUsageCritical=false policyset.userCertSet.7.default.params.exKeyUsageOIDs=1.3.6.1.5.5.7.3.2,1.3.6.1.5.5.7.3.4 policyset.userCertSet.8.constraint.class_id=noConstraintImpl policyset.userCertSet.8.constraint.name=No Constraint policyset.userCertSet.8.default.class_id=subjectAltNameExtDefaultImpl policyset.userCertSet.8.default.name=Subject Alt Name Constraint policyset.userCertSet.8.default.params.subjAltExtGNEnable_0=true policyset.userCertSet.8.default.params.subjAltExtPattern_0=$request.requestor_email$ policyset.userCertSet.8.default.params.subjAltExtType_0=RFC822Name policyset.userCertSet.8.default.params.subjAltNameExtCritical=false policyset.userCertSet.8.default.params.subjAltNameNumGNs=1 policyset.userCertSet.9.constraint.class_id=signingAlgConstraintImpl policyset.userCertSet.9.constraint.name=No Constraint policyset.userCertSet.9.constraint.params.signingAlgsAllowed=SHA256withRSA,SHA512withRSA,SHA256withEC,SHA384withRSA,SHA384withEC,SHA512withEC,SHA256withRSA/PSS,SHA384withRSA/PSS,SHA512withRSA/PSS policyset.userCertSet.9.default.class_id=signingAlgDefaultImpl policyset.userCertSet.9.default.name=Signing Alg policyset.userCertSet.9.default.params.signingAlg=- policyset.userCertSet.list=1,10,2,3,4,5,6,7,8,9 profileId=caUserCert visible=false