PKI CA Retrieve User Certificate REST API - dogtagpki/pki GitHub Wiki
-
Path:
/ca/rest/admin/users/{userID}/certs/{certID} -
Method:
POST -
Authentication: Client certificate
-
Parameters:
-
userID: string -
certID: string
-
-
Content: None
curl -k -H "Accept: application/json" --user caadmin:Secret.123 -s https://localhost.localdomain:8443/ca/rest/admin/users/caadmin/certs/2%3B6%3BCN%3DCA%20Signing%20Certificate%2COU%3Dpki-tomcat%2CO%3DEXAMPLE%3BCN%3DPKI%20Administrator%2CE%[email protected]%2COU%3Dpki-tomcat%2CO%3DEXAMPLE | python -m json.tool { "Version": 2, "SerialNumber": "0x6", "IssuerDN": "CN=CA Signing Certificate,OU=pki-tomcat,O=EXAMPLE", "SubjectDN": "CN=PKI Administrator,[email protected],OU=pki-tomcat,O=EXAMPLE", "PrettyPrint": " Certificate: \n Data: \n Version: v3\n Serial Number: 0x6\n Signature Algorithm: SHA256withRSA - 1.2.840.113549.1.1.11\n Issuer: CN=CA Signing Certificate,OU=pki-tomcat,O=EXAMPLE\n Validity: \n Not Before: Monday, 7 June 2021 at 20:39:13 British Summer Time Europe/London\n Not After: Sunday, 28 May 2023 at 20:39:13 British Summer Time Europe/London\n Subject: CN=PKI Administrator,[email protected],OU=pki-tomcat,O=EXAMPLE\n Subject Public Key Info: \n Algorithm: RSA - 1.2.840.113549.1.1.1\n Public Key: \n Exponent: 65537\n Public Key Modulus: (2048 bits) :\n AB:2C:C8:34:2D:1E:11:5B:F9:DA:CD:67:EB:77:5F:9A:\n 31:7E:3C:F3:CC:BA:E3:87:05:5F:89:DA:20:41:8C:1A:\n 30:3F:A6:32:14:3B:BC:7A:5C:94:C6:DD:68:35:42:FB:\n 35:A6:EE:19:AE:51:DF:D3:C6:01:23:82:2B:30:49:D3:\n 7D:86:6E:7C:6C:34:2D:76:E4:F6:92:0B:97:D8:32:16:\n E9:D3:85:D6:35:C8:15:77:C4:DC:5E:89:D5:FD:8C:95:\n 92:8D:E6:D3:23:E5:DB:36:AE:F0:80:23:58:0C:83:7D:\n 09:93:DE:F2:ED:88:3F:33:1B:D8:6A:0A:52:18:9B:CB:\n A1:5F:58:90:E0:9A:FD:D9:04:02:E8:D8:95:46:C2:87:\n 4A:74:10:35:A5:79:0D:A9:98:D9:A3:40:DD:E6:9E:20:\n E8:19:73:9E:CE:48:05:58:62:2C:36:E3:40:14:9E:9D:\n 4E:8F:B1:D1:61:08:FB:AD:AD:08:5A:F8:BE:F6:BB:52:\n 27:C8:B7:6C:0B:6E:B3:B3:AF:23:84:8A:64:F1:4B:1B:\n B0:16:41:E8:51:80:91:73:A2:C0:E8:DA:5C:51:EB:F5:\n A2:89:BD:AE:81:8B:00:16:F7:D0:B8:D1:06:55:15:9A:\n E8:89:7A:4B:C8:3E:69:63:96:4F:C4:5F:84:81:73:8B\n Extensions: \n Identifier: Authority Key Identifier - 2.5.29.35\n Critical: no \n Key Identifier: \n 88:DC:03:59:0C:51:4B:33:1A:E0:FE:CC:2E:99:79:F8:\n 4A:FB:DA:7C\n Identifier: Authority Info Access: - 1.3.6.1.5.5.7.1.1\n Critical: no \n Access Description: \n Method #0: ocsp\n Location #0: URIName: http://localhost.localdomain:8080/ca/ocsp\n Identifier: Key Usage: - 2.5.29.15\n Critical: yes \n Key Usage: \n Digital Signature \n Non Repudiation \n Key Encipherment \n Identifier: Extended Key Usage: - 2.5.29.37\n Critical: no \n Extended Key Usage: \n 1.3.6.1.5.5.7.3.2\n 1.3.6.1.5.5.7.3.4\n Signature: \n Algorithm: SHA256withRSA - 1.2.840.113549.1.1.11\n Signature: \n 32:DF:25:00:79:7E:7B:C4:D0:EA:83:21:5D:05:2C:B7:\n 1D:32:DC:0E:27:4A:90:13:2A:BA:9D:43:31:66:36:03:\n E3:07:4F:0B:D0:1F:2B:37:D3:B5:98:65:B2:63:25:FD:\n FE:26:5A:01:46:96:A9:CE:C4:FC:60:09:C8:3C:7F:00:\n F1:8F:51:A0:8A:6F:69:BF:B8:DF:4E:52:65:A4:24:2C:\n 68:82:46:D6:A5:EE:1F:7B:D4:E2:00:33:0F:D1:97:F0:\n 60:1F:2C:83:AE:E3:8C:3C:4C:B1:1D:3D:4B:81:44:89:\n 7F:A0:86:35:51:DC:C5:B0:CC:2A:4A:4F:CC:4B:81:AC:\n 19:36:98:9D:A5:0A:DB:0E:68:72:BF:E6:4D:53:EE:09:\n 71:04:8C:1C:B2:60:A5:D3:7C:9A:86:6C:55:25:FD:11:\n EE:3F:45:87:4E:7B:EF:85:B9:B9:69:8C:01:E5:59:55:\n 4A:42:3B:72:29:64:2E:2E:D3:E4:37:0A:CB:C0:8C:3C:\n B9:C8:F4:14:51:6B:72:EF:1F:AB:D8:69:04:89:E9:5F:\n FD:BC:41:F0:38:26:BA:E1:60:61:C6:EF:6B:FD:43:73:\n 20:A2:D8:8C:D9:16:50:88:7C:C1:74:A1:A9:10:F7:B8:\n 69:45:7E:BA:F7:E8:A8:71:7C:55:CE:61:B4:2A:E3:61\n FingerPrint\n MD2:\n 6C:30:C0:16:6B:21:CB:92:18:33:01:CF:FA:04:39:6F\n MD5:\n F7:85:88:F4:82:FC:D4:7D:F3:03:E6:14:3C:25:81:1D\n SHA-1:\n 1C:1A:A6:64:08:54:65:F2:A6:00:C6:CB:6C:37:99:02:\n B7:E1:AE:CD\n SHA-256:\n BF:1F:5D:30:20:1E:00:73:28:61:BC:52:87:A8:36:BB:\n 9D:3F:BF:A3:07:36:55:CD:7C:23:AB:AE:2C:6F:34:BD\n SHA-512:\n C7:F1:CB:D8:6A:3A:AD:6F:9F:67:F2:01:EB:21:B6:3E:\n 52:82:FE:D0:C7:3A:9B:FF:D4:5A:A9:14:57:8A:CF:8C:\n 1D:6F:8F:11:26:B7:55:12:57:6B:56:08:BD:67:19:F9:\n 5D:E0:44:81:18:71:46:8D:52:41:54:91:23:42:8B:11\n", "Encoded": "-----BEGIN CERTIFICATE-----\nMIIDxTCCAq2gAwIBAgIBBjANBgkqhkiG9w0BAQsFADBIMRAwDgYDVQQKDAdFWEFNUExFMRMwEQYD\r\nVQQLDApwa2ktdG9tY2F0MR8wHQYDVQQDDBZDQSBTaWduaW5nIENlcnRpZmljYXRlMB4XDTIxMDYw\r\nNzE5MzkxM1oXDTIzMDUyODE5MzkxM1owZzEQMA4GA1UECgwHRVhBTVBMRTETMBEGA1UECwwKcGtp\r\nLXRvbWNhdDEiMCAGCSqGSIb3DQEJARYTY2FhZG1pbkBleGFtcGxlLmNvbTEaMBgGA1UEAwwRUEtJ\r\nIEFkbWluaXN0cmF0b3IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrLMg0LR4RW/na\r\nzWfrd1+aMX4888y644cFX4naIEGMGjA/pjIUO7x6XJTG3Wg1Qvs1pu4ZrlHf08YBI4IrMEnTfYZu\r\nfGw0LXbk9pILl9gyFunThdY1yBV3xNxeidX9jJWSjebTI+XbNq7wgCNYDIN9CZPe8u2IPzMb2GoK\r\nUhiby6FfWJDgmv3ZBALo2JVGwodKdBA1pXkNqZjZo0Dd5p4g6Blzns5IBVhiLDbjQBSenU6PsdFh\r\nCPutrQha+L72u1InyLdsC26zs68jhIpk8UsbsBZB6FGAkXOiwOjaXFHr9aKJva6BiwAW99C40QZV\r\nFZroiXpLyD5pY5ZPxF+EgXOLAgMBAAGjgZowgZcwHwYDVR0jBBgwFoAUiNwDWQxRSzMa4P7MLpl5\r\n+Er72nwwRQYIKwYBBQUHAQEEOTA3MDUGCCsGAQUFBzABhilodHRwOi8vbG9jYWxob3N0LmxvY2Fs\r\nZG9tYWluOjgwODAvY2Evb2NzcDAOBgNVHQ8BAf8EBAMCBeAwHQYDVR0lBBYwFAYIKwYBBQUHAwIG\r\nCCsGAQUFBwMEMA0GCSqGSIb3DQEBCwUAA4IBAQAy3yUAeX57xNDqgyFdBSy3HTLcDidKkBMqup1D\r\nMWY2A+MHTwvQHys307WYZbJjJf3+JloBRpapzsT8YAnIPH8A8Y9RoIpvab+4305SZaQkLGiCRtal\r\n7h971OIAMw/Rl/BgHyyDruOMPEyxHT1LgUSJf6CGNVHcxbDMKkpPzEuBrBk2mJ2lCtsOaHK/5k1T\r\n7glxBIwcsmCl03yahmxVJf0R7j9Fh05774W5uWmMAeVZVUpCO3IpZC4u0+Q3CsvAjDy5yPQUUWty\r\n7x+r2GkEielf/bxB8DgmuuFgYcbva/1DcyCi2IzZFlCIfMF0oakQ97hpRX669+iocXxVzmG0KuNh\r\n-----END CERTIFICATE-----\n", "Link": { "rel": "self", "href": "https://localhost.localdomain:8443/ca/rest/admin/users/caadmin/certs/2%253B6%253BCN%253DCA+Signing+Certificate%252COU%253Dpki-tomcat%252CO%253DEXAMPLE%253BCN%253DPKI+Administrator%252CE%253Dcaadmin%2540example.com%252COU%253Dpki-tomcat%252CO%253DEXAMPLE", "type": "application/xml" }, "id": "2;6;CN=CA Signing Certificate,OU=pki-tomcat,O=EXAMPLE;CN=PKI Administrator,[email protected],OU=pki-tomcat,O=EXAMPLE" }