Back to top

X.509 Identity Management

API documentation for X.509 Identity Management

X.509

API to provide x.509 identification for final dojot entities, that is, IoT devices that communicate with the dojot IoT platform.

Endpoint for certificates in general

Create x.509 Certificate from CSR or register an external certificate (issued by a trusted CA)
POST/certificates

Creates a X.509 certificate using the specified Certificate Signing Request (CSR) or register an external certificate to identify a device that already has a factory certificate.

In the case of CSR:

  • The SubjectDN only needs to contain the CN field, limited to 255 characters, being A-Z, a-z, 0-9 and space;

  • It must include a public key that is either an RSA key with a length of at least 2048 bits or an ECC key from NIST recommended curves: P-256, P-384 or P-521;

In the case of external certificate:

  • The certificate of the trusted CA must have been previously registered on the platform or it is possible to register the CA and the external certificate at once, but this is an option that must be enabled in the service;

  • The attribute certificateChain starts with the certificate of the device and goes to the end of the chain of trust that ends in the CA certificate trusted by the platform;

  • Full CA certificate can be provided in the chain, or just its caFingerprint to decrease the size of the payload, since the certificate of the trusted CA must have been previously registered on the platform.

  • It is still necessary that the certificates of the intermediate CAs are in the chain of trust (if any).

  • If the option to register the trusted CA together with the external certificate is enabled, it will be necessary for the root CA certificate to be in the chain of trust.

  • The belongsTo attribute identifies the device with which the external certificate will be associated. This attribute is not mandatory, and the client can inform this attribute later when changing the certificate registration.

If the CSR does not have a valid structure or if any of the above conditions are not met, a response status 400 (Bad Request) will be returned, containing a message detailing the cause of the error.

Example URI

POST https://localhost:8000/x509/v1/certificates
Request  Create x.509 Certificate from CSR
HideShow
Headers
Content-Type: application/json
Authorization: Bearer [JWT]
Body
{
  "csr": "CSR in PEM Format"
}
Schema
{
  "$schema": "http://json-schema.org/draft-07/schema",
  "type": "object",
  "default": {},
  "additionalProperties": false,
  "properties": {
    "csr": {
      "type": "string",
      "title": "Certificate Signing Request (CSR) Schema",
      "description": "Schema for validating an PKCS#10 CSR.",
      "contentEncoding": "base64",
      "contentMediaType": "application/pkcs10",
      "maxLength": 65536,
      "pattern": "^-{5}BEGIN CERTIFICATE REQUEST-{5}(\\r\\n|\\r|\\n)([-A-Za-z0-9+/=]{1,64}(\\r\\n|\\r|\\n))+-{5}END CERTIFICATE REQUEST-{5}$"
    }
  }
}
Response  201
HideShow
Headers
Content-Type: application/json
Body
{
  "certificateFingerprint": "D3:20:80:C7:89:B6:5D:B9:83:BF:D1:7E:93:6A:F2:CB:0B:57:CF:33:30:ED:9E:4A:7C:05:4D:D4:D0:8E:3D:2F",
  "certificatePem": "-----BEGIN CERTIFICATE-----[[Certificate Base64 Encoded em PEM Format]]-----END CERTIFICATE-----"
}
Schema
{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "type": "object",
  "properties": {
    "certificateFingerprint": {
      "type": "string",
      "description": "Fingerprint (as SHA256) of the certificate, where each byte (represented by hexadecimal pair of characters) are separated by a colon."
    },
    "certificatePem": {
      "type": "string",
      "description": "The PEM format consists of a header and a footer, the Certificate is encoded in *Base64* in the middle.\nNote that each line has a maximum of 64 bytes. As the file is in JSON payload, it is necessary to represent the line breaks with the `\\r\\n` markers."
    }
  }
}
Request  Register an external certificate
HideShow
Headers
Content-Type: application/json
Authorization: Bearer [JWT]
Body
{
  "certificateChain": "Chain of trust in PEM Format",
  "caFingerprint": "Fingerprint (as SHA256) of the trusted CA",
  "belongsTo": {
    "device": "Device ID"
  }
}
Schema
{
  "$schema": "http://json-schema.org/draft-07/schema",
  "type": "object",
  "default": {},
  "additionalProperties": false,
  "properties": {
    "certificateChain": {
      "type": "string",
      "title": "X509 Certificate PEM Schema",
      "description": "Schema for validating one or more v3 x.509 certificates in PEM format.",
      "contentEncoding": "base64",
      "contentMediaType": "application/x-pem-file",
      "maxLength": 65536,
      "pattern": "^(-{5}BEGIN CERTIFICATE-{5}(\\r\\n|\\r|\\n)([-A-Za-z0-9+/=]{1,64}(\\r\\n|\\r|\\n))+-{5}END CERTIFICATE-{5}(\\r\\n|\\r|\\n)?)+$"
    },
    "caFingerprint": {
      "type": "string",
      "title": "Fingerprint Schema",
      "description": "fingerprint is a SHA-256 hash of the CA certificate",
      "maxLength": 95,
      "pattern": "^([A-Fa-f0-9]{2}:?){32}$"
    },
    "belongsTo": {
      "type": "object",
      "title": "Link between certificate and device",
      "description": "Object that associates the certificate with a device.",
      "additionalProperties": false,
      "properties": {
        "device": {
          "type": [
            "string",
            "null"
          ],
          "title": "Device ID",
          "description": "Identifies the device that the x.509 certificate is attached to.",
          "maxLength": 10,
          "pattern": "^[0-9a-fA-F]{10}$"
        }
      }
    }
  }
}
Response  201
HideShow
Headers
Content-Type: application/json
Body
{
  "certificateFingerprint": "D3:20:80:C7:89:B6:5D:B9:83:BF:D1:7E:93:6A:F2:CB:0B:57:CF:33:30:ED:9E:4A:7C:05:4D:D4:D0:8E:3D:2F"
}
Schema
{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "type": "object",
  "properties": {
    "certificateFingerprint": {
      "type": "string",
      "description": "Fingerprint (as SHA256) of the certificate, where each byte (represented by hexadecimal pair of characters) are separated by a colon."
    }
  }
}
Response  400
HideShow
Headers
Content-Type: application/json
Body
{
  "message": "A message describing the cause of the error"
}
Schema
{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "type": "object",
  "properties": {
    "message": {
      "type": "string",
      "description": "A message describing the cause of the error"
    }
  }
}

List X.509 Certificates
GET/certificates{?page,limit,fields,keyVal}

Lists the x.509 certificates registered for your tenant. The results might be filtered and are paginated with a default page size of 25.

Example URI

GET https://localhost:8000/x509/v1/certificates?page=&limit=&fields=&keyVal=
URI Parameters
HideShow
page
number (optional) Default: 1 

It is a metadata for paginated results.

limit
number (optional) Default: 25 

The maximum number of results to return per page.

fields
string (optional) 

List of keys (comma-separated) that should be included in the result. If the fields parameter is not set, all keys will be kept in the result.

keyVal
string (optional) 

Filters the returned records by the given key=val. If more than one key=val pair is set; the returned records must contain all of them.

Request
HideShow
Headers
Content-Type: application/json
Authorization: Bearer [JWT]
Response  200
HideShow
Headers
Content-Type: application/json
Body
{
  "paging": {
    "previous": {
      "number": 1,
      "url": "/x509/v1/certificates?page=1&limit=5"
    },
    "current": {
      "number": 2,
      "url": "/x509/v1/certificates?page=2&limit=5"
    },
    "next": {
      "number": 3,
      "url": "/x509/v1/certificates?page=3&limit=5"
    },
    "totalItems": 55,
    "totalPages": 11,
    "limitPerPage": 5
  },
  "certificates": [
    {
      "issuedByDojotPki": true,
      "autoRegistered": false,
      "fingerprint": "01:89:B9:85:55:38:34:B6:43:12:57:EC:09:08:0B:22:31:BC:FC:3D:AF:C8:00:94:C0:89:60:89:54:63:17:F0",
      "pem": "-----BEGIN CERTIFICATE-----\nMIIGZDCCBEygAwIBAgIUG/kCnjE/+o1Gd7fJ5uROnUA8PAYwDQYJKoZIhvcNAQEL\nBQAwejEjMCEGCgmSJomT8ixkAQEME2MtMGZhMzliMzNlNTZlMDY1MTkxGTAXBgNV\nBAMMEFg1MDkgSWRlbnRpdHkgQ0ExGzAZBgNVBAsMEkNlcnRpZmljYXRlIElzc3Vl\ncjEbMBkGA1UECgwSZG9qb3QgSW9UIFBsYXRmb3JtMB4XDTIwMDYwNjIxMTMwMFoX\nDTIxMDYwNjIxMTMwMFowSjEbMBkGA1UECgwSZG9qb3QgSW9UIFBsYXRmb3JtMSsw\nKQYDVQQDDCJhZG1pbjpUZXN0ZSBkZSBjaGF2ZSBFQ0Mgc2VjcDM4NHIxMHYwEAYH\nKoZIzj0CAQYFK4EEACIDYgAEHWk7X3/gQAUZ9jV1adKr6V9W08C2/+R47WX2f5J8\nOzggEJISeAR0XDCo5ezglsOkd8v7rJ1h/lGfoCjKzc61V4htK2ILHAcGuf6YdvyQ\n9sJhq//JHScVygwWI+ARzk0So4ICvjCCArowDAYDVR0TAQH/BAIwADAfBgNVHSME\nGDAWgBRYwnJHcMRm7FhBL94f/rMtQs+UYDCB3AYDVR0uBIHUMIHRMIHOoIHLoIHI\nhoHFaHR0cDovLzE3Mi4xOC4wLjMKMTcyLjE5LjAuNDo4MDgwL2VqYmNhL3B1Ymxp\nY3dlYi93ZWJkaXN0L2NlcnRkaXN0P2NtZD1kZWx0YWNybCZpc3N1ZXI9VUlEJTNE\nYy0wZmEzOWIzM2U1NmUwNjUxOSUyQ0NOJTNEWDUwOSUyMElkZW50aXR5JTIwQ0El\nMkNPVSUzRENlcnRpZmljYXRlJTIwSXNzdWVyJTJDTyUzRGRvam90JTIwSW9UJTIw\nUGxhdGZvcm0wHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMIIBWgYDVR0f\nBIIBUTCCAU0wggFJoIHGoIHDhoHAaHR0cDovLzE3Mi4xOC4wLjMKMTcyLjE5LjAu\nNDo4MDgwL2VqYmNhL3B1YmxpY3dlYi93ZWJkaXN0L2NlcnRkaXN0P2NtZD1jcmwm\naXNzdWVyPVVJRCUzRGMtMGZhMzliMzNlNTZlMDY1MTklMkNDTiUzRFg1MDklMjBJ\nZGVudGl0eSUyMENBJTJDT1UlM0RDZXJ0aWZpY2F0ZSUyMElzc3VlciUyQ08lM0Rk\nb2pvdCUyMElvVCUyMFBsYXRmb3Jton6kfDB6MSMwIQYKCZImiZPyLGQBAQwTYy0w\nZmEzOWIzM2U1NmUwNjUxOTEZMBcGA1UEAwwQWDUwOSBJZGVudGl0eSBDQTEbMBkG\nA1UECwwSQ2VydGlmaWNhdGUgSXNzdWVyMRswGQYDVQQKDBJkb2pvdCBJb1QgUGxh\ndGZvcm0wHQYDVR0OBBYEFDZLtrE9HG9wXzzAWu6QQBchA5gOMA4GA1UdDwEB/wQE\nAwID6DANBgkqhkiG9w0BAQsFAAOCAgEAh8Hd+81mvVpBkCFifUAyu8JKuACbDsRA\nLlOpA1i0oj+gMGyhkHPjo3+tuPWAsiHq7/4GucnCd29/jXO97M2YM0u1tAs8rQmu\nTnJR75H9O0mYbB+CNAJV9ZgcjZspFb8JVcMumA0nlcJHg7yHEZ7Awy5g+FsDiE9b\nckkSo90o0UPt1toXgGqVNQwT7wXVOTFJgEee9C2/oO/AgR5mWxZMAVI7afgGddbM\n/FsSUAmfjq6Cay5d56aJrfKEV480Mp0YevEdBmRHF4nHx+9xtnouc0FaPBvU7DXB\nw+h3VLUuIi5l2Ro9MvnUWMNNqdvXD+5HeaQbIbP2tQ+rE/Pg2w1txuxm+XbnMbCr\nh3NV8gZk3nwyKXa9L64DJaTNu1ZScxm0GqhVSbLLTDqraK3IGVQ5uDcCaU0jH9o5\na0ZjanmcICBKuttyKcWm20E/KmmS7frBFxvmrOE0tb3XVy4Nt8cF8oScxJKC0hAx\nAgjomVslurKCT33TBlv4GJwamalHoaH8RGrkfMGpFe6r9N+Sv8aEAajFidd0vF0a\nle9jNrO88BrEADYXc+KSTJR5YNV2L/zMYBGMv8dB8ZadmJjUNlZEsFddeqGiwuIG\nB1HJ23q/kF3dwI/lnl1kYXtsweEdgAmiaSqgEOG4eRbV9UBS2cqDvHuhYJhoY47J\n61vg0s7WFh0=\n-----END CERTIFICATE-----",
      "belongsTo": {},
      "tenant": "admin",
      "createdAt": "2020-06-06T21:13:36.448Z"
    },
    {
      "issuedByDojotPki": true,
      "autoRegistered": false,
      "fingerprint": "05:5B:91:45:81:93:55:92:AD:7A:0A:40:F4:05:05:0C:6F:31:14:97:D9:01:87:86:90:50:5C:F8:7B:97:F9:78",
      "pem": "-----BEGIN CERTIFICATE-----\nMIIGRjCCBC6gAwIBAgIUWaMM+XRlf4mugbY6bjC7fEOjfEwwDQYJKoZIhvcNAQEL\nBQAwejEjMCEGCgmSJomT8ixkAQEME2MtMGZhMzliMzNlNTZlMDY1MTkxGTAXBgNV\nBAMMEFg1MDkgSWRlbnRpdHkgQ0ExGzAZBgNVBAsMEkNlcnRpZmljYXRlIElzc3Vl\ncjEbMBkGA1UECgwSZG9qb3QgSW9UIFBsYXRmb3JtMB4XDTIwMDYwNjIxMDcwMFoX\nDTIxMDYwNjIxMDcwMFowSTEbMBkGA1UECgwSZG9qb3QgSW9UIFBsYXRmb3JtMSow\nKAYDVQQDDCFhZG1pbjpFQ0MgcHJpbWUyNTZ2MSBUaGlhZ28gVGVzdGUwWTATBgcq\nhkjOPQIBBggqhkjOPQMBBwNCAAScpvJvi3wQGER+b2CQ3/E+Nw+ddTCu2fv5sF/E\nBqVe0tWQu1rWPDmrwmjkIOM33e1fo0SzeNaDrDurPEx7OTAOo4ICvjCCArowDAYD\nVR0TAQH/BAIwADAfBgNVHSMEGDAWgBRYwnJHcMRm7FhBL94f/rMtQs+UYDCB3AYD\nVR0uBIHUMIHRMIHOoIHLoIHIhoHFaHR0cDovLzE3Mi4xOC4wLjMKMTcyLjE5LjAu\nNDo4MDgwL2VqYmNhL3B1YmxpY3dlYi93ZWJkaXN0L2NlcnRkaXN0P2NtZD1kZWx0\nYWNybCZpc3N1ZXI9VUlEJTNEYy0wZmEzOWIzM2U1NmUwNjUxOSUyQ0NOJTNEWDUw\nOSUyMElkZW50aXR5JTIwQ0ElMkNPVSUzRENlcnRpZmljYXRlJTIwSXNzdWVyJTJD\nTyUzRGRvam90JTIwSW9UJTIwUGxhdGZvcm0wHQYDVR0lBBYwFAYIKwYBBQUHAwIG\nCCsGAQUFBwMEMIIBWgYDVR0fBIIBUTCCAU0wggFJoIHGoIHDhoHAaHR0cDovLzE3\nMi4xOC4wLjMKMTcyLjE5LjAuNDo4MDgwL2VqYmNhL3B1YmxpY3dlYi93ZWJkaXN0\nL2NlcnRkaXN0P2NtZD1jcmwmaXNzdWVyPVVJRCUzRGMtMGZhMzliMzNlNTZlMDY1\nMTklMkNDTiUzRFg1MDklMjBJZGVudGl0eSUyMENBJTJDT1UlM0RDZXJ0aWZpY2F0\nZSUyMElzc3VlciUyQ08lM0Rkb2pvdCUyMElvVCUyMFBsYXRmb3Jton6kfDB6MSMw\nIQYKCZImiZPyLGQBAQwTYy0wZmEzOWIzM2U1NmUwNjUxOTEZMBcGA1UEAwwQWDUw\nOSBJZGVudGl0eSBDQTEbMBkGA1UECwwSQ2VydGlmaWNhdGUgSXNzdWVyMRswGQYD\nVQQKDBJkb2pvdCBJb1QgUGxhdGZvcm0wHQYDVR0OBBYEFD1vcBmX/6Of+o7t8eis\nKz8AyLtgMA4GA1UdDwEB/wQEAwID6DANBgkqhkiG9w0BAQsFAAOCAgEALwyxbhhT\nPbZelxPYPZc7uTwtYOi4Ha4npk2iPWa48c5p37o0qID5wk0evoGJgjwngDfGEBfs\nG4dYipFjxSi+bkjhV6Bll8VXasMM/U4YaftQu3uEsTnjbGVXEY3jQmetXQ+hPcn6\nqlj9jqQPBwI6ieoXuLXBdBB8eLtCxIwjBeXWT75m6ILRUw9csDEkt+tjZx913jWe\nh8skZ280EbfJnketd0oayzU3exsoaHXuHXEdEJBjUptl5eLBoVGGsgV6rMATeZ/a\n64BeyFV4uaQWYVphz12xplysxOc/SemkZPZEci3lkct163FQuRdazWJnikjWg3ht\n9dJh9jiXwCuGL/hwFNjHrFil0dKhI53TOpqO+lgtxZwnImVwvXrf+UtmJ+YdGeJu\ntAuJdehJ6O/lHD4GUhFWAWD1LCyOPxi+wgUGrH43qLcybvQferNxqZPnnpmn2EjP\nhl+4OWoryhjXUR8UpV2MLr0P6QRvl6y159oISFNxa4JjBGXBmWF770ccp6FTukUg\nvC8MSMLtgnBJqJ/UyYF8QKKTdnfwoQQQOeyOeJ59zIQxjeic8bRywZxLHrHMNYYc\n/+jQiqMc7K/+3Cmn8GiUcPJtUv+qlcD3bJMv6RxDaj/OLUVA6vSOwKEepFueb71b\nDpsr30AtcONH8L8ujiO/ZMil/6KJG00glr8=\n-----END CERTIFICATE-----",
      "belongsTo": {},
      "tenant": "admin",
      "createdAt": "2020-06-06T21:07:56.765Z"
    },
    {
      "issuedByDojotPki": true,
      "autoRegistered": false,
      "fingerprint": "06:F6:68:C7:97:D0:8D:2D:BD:81:00:64:70:28:50:CE:FA:3B:54:C1:D2:6E:56:F7:1A:F0:6C:D5:19:AA:A1:94",
      "pem": "-----BEGIN CERTIFICATE-----\nMIIGZDCCBEygAwIBAgIUZmlG21/XH0EoRo3IpaDpB1JnPK4wDQYJKoZIhvcNAQEL\nBQAwejEjMCEGCgmSJomT8ixkAQEME2MtMGZhMzliMzNlNTZlMDY1MTkxGTAXBgNV\nBAMMEFg1MDkgSWRlbnRpdHkgQ0ExGzAZBgNVBAsMEkNlcnRpZmljYXRlIElzc3Vl\ncjEbMBkGA1UECgwSZG9qb3QgSW9UIFBsYXRmb3JtMB4XDTIwMDYwNjIxMTMwMFoX\nDTIxMDYwNjIxMTMwMFowSjEbMBkGA1UECgwSZG9qb3QgSW9UIFBsYXRmb3JtMSsw\nKQYDVQQDDCJhZG1pbjpUZXN0ZSBkZSBjaGF2ZSBFQ0Mgc2VjcDM4NHIxMHYwEAYH\nKoZIzj0CAQYFK4EEACIDYgAEHWk7X3/gQAUZ9jV1adKr6V9W08C2/+R47WX2f5J8\nOzggEJISeAR0XDCo5ezglsOkd8v7rJ1h/lGfoCjKzc61V4htK2ILHAcGuf6YdvyQ\n9sJhq//JHScVygwWI+ARzk0So4ICvjCCArowDAYDVR0TAQH/BAIwADAfBgNVHSME\nGDAWgBRYwnJHcMRm7FhBL94f/rMtQs+UYDCB3AYDVR0uBIHUMIHRMIHOoIHLoIHI\nhoHFaHR0cDovLzE3Mi4xOC4wLjMKMTcyLjE5LjAuNDo4MDgwL2VqYmNhL3B1Ymxp\nY3dlYi93ZWJkaXN0L2NlcnRkaXN0P2NtZD1kZWx0YWNybCZpc3N1ZXI9VUlEJTNE\nYy0wZmEzOWIzM2U1NmUwNjUxOSUyQ0NOJTNEWDUwOSUyMElkZW50aXR5JTIwQ0El\nMkNPVSUzRENlcnRpZmljYXRlJTIwSXNzdWVyJTJDTyUzRGRvam90JTIwSW9UJTIw\nUGxhdGZvcm0wHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMIIBWgYDVR0f\nBIIBUTCCAU0wggFJoIHGoIHDhoHAaHR0cDovLzE3Mi4xOC4wLjMKMTcyLjE5LjAu\nNDo4MDgwL2VqYmNhL3B1YmxpY3dlYi93ZWJkaXN0L2NlcnRkaXN0P2NtZD1jcmwm\naXNzdWVyPVVJRCUzRGMtMGZhMzliMzNlNTZlMDY1MTklMkNDTiUzRFg1MDklMjBJ\nZGVudGl0eSUyMENBJTJDT1UlM0RDZXJ0aWZpY2F0ZSUyMElzc3VlciUyQ08lM0Rk\nb2pvdCUyMElvVCUyMFBsYXRmb3Jton6kfDB6MSMwIQYKCZImiZPyLGQBAQwTYy0w\nZmEzOWIzM2U1NmUwNjUxOTEZMBcGA1UEAwwQWDUwOSBJZGVudGl0eSBDQTEbMBkG\nA1UECwwSQ2VydGlmaWNhdGUgSXNzdWVyMRswGQYDVQQKDBJkb2pvdCBJb1QgUGxh\ndGZvcm0wHQYDVR0OBBYEFDZLtrE9HG9wXzzAWu6QQBchA5gOMA4GA1UdDwEB/wQE\nAwID6DANBgkqhkiG9w0BAQsFAAOCAgEAG3QPbes/2ufPlehHmr7exfZ7ZwhuWlDp\nFGTbL/VKsciBDZBZ5ZPUPTrmcDKVdXs/lN/AzxifQUZ2AWlLv6h8P6uoJ2MCgxNp\n/7TW3IMKMiPcuBowPPmxaXP/DCnGhuZ9sxxh5zUYyqzOK2qJTaGqK1rI+MjE2Efh\nw5ULlqw5MddwXuGBmsKfmfW65Ix8n+5cUMW0X6APkG5iX2P+57BDHSt6v8UbzMAS\nzwRQZ9oec5KwS7icZTREfqJ50edNpqLuoZ+UCnjkgoCpyG9TvH3SiihQo6W9CQ9J\nA6Z1K2TMW56dIdc0PDQ9uiV/xuVtkxyDQxgEGsWw0ecN7JeM2vGMR00c//NdVXq9\nnyuJWLbhBAiZDit2kn0sXtCZS0uXp46f+iIwNfVt6HhSVxDtI0WPPjq4+RqaUbIA\nkmR/gv2QAjp6XqTHPX+wXv2iQz9WF96EAPL2n1Wj4WEhlmP3t7uSGQj5ITiPqbX9\nJgxNFI6xZkIjeJZuvsZWekhbZ4ULRngF8a1KdkKvomTZhEYtm7SjCop565InLo0+\n3/MDhNKIIHQC58kV0wqw2Q6S3twKzOnxdYMWaXN/UZYIiJxkIQ+6breaKO8geZ74\ncDIwplNG5Dze2NfOwY7R8YMpYYNCLbygx7+TqkCAYlls7bNgjDZ8ch/1a4aYFtHl\n9K1e9s4zjdw=\n-----END CERTIFICATE-----",
      "belongsTo": {},
      "tenant": "admin",
      "createdAt": "2020-06-06T21:13:37.619Z"
    },
    {
      "issuedByDojotPki": true,
      "autoRegistered": false,
      "fingerprint": "14:61:7A:C9:41:47:47:35:E1:37:E4:35:C4:3E:CE:BE:62:28:CB:B2:CF:A5:6F:1A:E5:30:64:F8:CC:74:39:78",
      "pem": "-----BEGIN CERTIFICATE-----\nMIIGijCCBHKgAwIBAgIUA5KTnZU3BV/W1Y8azQ5+4qW2e5swDQYJKoZIhvcNAQEL\nBQAwejEjMCEGCgmSJomT8ixkAQEME2MtMGZhMzliMzNlNTZlMDY1MTkxGTAXBgNV\nBAMMEFg1MDkgSWRlbnRpdHkgQ0ExGzAZBgNVBAsMEkNlcnRpZmljYXRlIElzc3Vl\ncjEbMBkGA1UECgwSZG9qb3QgSW9UIFBsYXRmb3JtMB4XDTIwMDYwNjIxMTMwMFoX\nDTIxMDYwNjIxMTMwMFowSjEbMBkGA1UECgwSZG9qb3QgSW9UIFBsYXRmb3JtMSsw\nKQYDVQQDDCJhZG1pbjpUZXN0ZSBkZSBjaGF2ZSBFQ0Mgc2VjcDUyMXIxMIGbMBAG\nByqGSM49AgEGBSuBBAAjA4GGAAQAnBJFrKXkqraaEEpxxvJRx9NUU/NzyPKQkX2f\nnaUQxn6e9Q88BtskqrvkpNeEd6BJP43EuGsrG54wmCmG/HeTAD0BHcvIpcbPgEd7\nUcS4LHtt3DPKuqazet7tD8zlLShs6dCSM3djr+kArxcSjNCJG0iPgEME53Er3jbK\nWbhznLHMUZ2jggK+MIICujAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFFjCckdw\nxGbsWEEv3h/+sy1Cz5RgMIHcBgNVHS4EgdQwgdEwgc6ggcuggciGgcVodHRwOi8v\nMTcyLjE4LjAuMwoxNzIuMTkuMC40OjgwODAvZWpiY2EvcHVibGljd2ViL3dlYmRp\nc3QvY2VydGRpc3Q/Y21kPWRlbHRhY3JsJmlzc3Vlcj1VSUQlM0RjLTBmYTM5YjMz\nZTU2ZTA2NTE5JTJDQ04lM0RYNTA5JTIwSWRlbnRpdHklMjBDQSUyQ09VJTNEQ2Vy\ndGlmaWNhdGUlMjBJc3N1ZXIlMkNPJTNEZG9qb3QlMjBJb1QlMjBQbGF0Zm9ybTAd\nBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwggFaBgNVHR8EggFRMIIBTTCC\nAUmggcaggcOGgcBodHRwOi8vMTcyLjE4LjAuMwoxNzIuMTkuMC40OjgwODAvZWpi\nY2EvcHVibGljd2ViL3dlYmRpc3QvY2VydGRpc3Q/Y21kPWNybCZpc3N1ZXI9VUlE\nJTNEYy0wZmEzOWIzM2U1NmUwNjUxOSUyQ0NOJTNEWDUwOSUyMElkZW50aXR5JTIw\nQ0ElMkNPVSUzRENlcnRpZmljYXRlJTIwSXNzdWVyJTJDTyUzRGRvam90JTIwSW9U\nJTIwUGxhdGZvcm2ifqR8MHoxIzAhBgoJkiaJk/IsZAEBDBNjLTBmYTM5YjMzZTU2\nZTA2NTE5MRkwFwYDVQQDDBBYNTA5IElkZW50aXR5IENBMRswGQYDVQQLDBJDZXJ0\naWZpY2F0ZSBJc3N1ZXIxGzAZBgNVBAoMEmRvam90IElvVCBQbGF0Zm9ybTAdBgNV\nHQ4EFgQUKf1jtwgfqvEOnc4mHsYdeVSjSJMwDgYDVR0PAQH/BAQDAgPoMA0GCSqG\nSIb3DQEBCwUAA4ICAQAc6QkunA0A7hyQhGlilvtzdeCvbvyX6e2LpPR+IZ8fd8Be\nGPYyMiwE/u5IK+N8yuBSadT/q0MgM1xJ5o8995SxV66a3DB5vB6kaPvC5af6+mjS\nPkvnkCvUEUQ306f8fStDfBxHj9Cwyc810RG5fg4iHPDTpe/Wpf+qYDWTWA45oein\niLMG+FuFuERwYteydHlS8jZNr5kWNYjihDZ7K5kKbHEwdMW0exnUWXBDwkvL45hH\nV+iw1AMzO1SA9YpQCJtbRaMkDA8QIa1MPNOp6xIpSPrAWaq8nJjZQ8VZi+I3tD6Z\nylfJ9Dw0hj9iuiTBkIWUU2FHTZnFLA35Tm+TyfJ2JKJB9asKJiumHAep6g3+o2Ws\nOMCgXY6O4LQAdcxyqWArbKy0A/jng8Rpk1LemidvCxm3b+qUjKjIFBVG1ne5Rl6J\niqBLxOPo1En2PGas/ZV4nwgAS+3Z2VyckGeL3OsiqZ+UKXyNhu3P3fFk9GgBiPHi\nDUsgojmupyhYiSHTvT220abJtrdubusjw+KuxOG6/R6XXyF8xXFa86vYRJz2lWgc\nmJ9rqwF0sDf9DReaaewnBEjgX2lgZyfE3digQzsmNvmCnNGDpoHJX9BMr/K9sY6E\n8N8CUnY2toEjV3WFx08yerg3LaubVBZSMYnxKkn7r5jGzlqvKWmnIl6aZzD9mA==\n-----END CERTIFICATE-----",
      "belongsTo": {},
      "tenant": "admin",
      "createdAt": "2020-06-06T21:13:32.490Z"
    },
    {
      "issuedByDojotPki": true,
      "autoRegistered": false,
      "fingerprint": "1A:76:96:74:59:BB:A2:FD:04:3C:7E:8C:D6:72:6D:9A:B2:36:D6:3B:38:C2:CF:3F:F8:FA:EE:97:E6:CD:B6:B3",
      "pem": "-----BEGIN CERTIFICATE-----\nMIIGRjCCBC6gAwIBAgIUBT0AjgZAzJO2U+vs4MZXXpEF6SUwDQYJKoZIhvcNAQEL\nBQAwejEjMCEGCgmSJomT8ixkAQEME2MtMGZhMzliMzNlNTZlMDY1MTkxGTAXBgNV\nBAMMEFg1MDkgSWRlbnRpdHkgQ0ExGzAZBgNVBAsMEkNlcnRpZmljYXRlIElzc3Vl\ncjEbMBkGA1UECgwSZG9qb3QgSW9UIFBsYXRmb3JtMB4XDTIwMDYwNjIxMTMwMFoX\nDTIxMDYwNjIxMTMwMFowSTEbMBkGA1UECgwSZG9qb3QgSW9UIFBsYXRmb3JtMSow\nKAYDVQQDDCFhZG1pbjpFQ0MgcHJpbWUyNTZ2MSBUaGlhZ28gVGVzdGUwWTATBgcq\nhkjOPQIBBggqhkjOPQMBBwNCAAScpvJvi3wQGER+b2CQ3/E+Nw+ddTCu2fv5sF/E\nBqVe0tWQu1rWPDmrwmjkIOM33e1fo0SzeNaDrDurPEx7OTAOo4ICvjCCArowDAYD\nVR0TAQH/BAIwADAfBgNVHSMEGDAWgBRYwnJHcMRm7FhBL94f/rMtQs+UYDCB3AYD\nVR0uBIHUMIHRMIHOoIHLoIHIhoHFaHR0cDovLzE3Mi4xOC4wLjMKMTcyLjE5LjAu\nNDo4MDgwL2VqYmNhL3B1YmxpY3dlYi93ZWJkaXN0L2NlcnRkaXN0P2NtZD1kZWx0\nYWNybCZpc3N1ZXI9VUlEJTNEYy0wZmEzOWIzM2U1NmUwNjUxOSUyQ0NOJTNEWDUw\nOSUyMElkZW50aXR5JTIwQ0ElMkNPVSUzRENlcnRpZmljYXRlJTIwSXNzdWVyJTJD\nTyUzRGRvam90JTIwSW9UJTIwUGxhdGZvcm0wHQYDVR0lBBYwFAYIKwYBBQUHAwIG\nCCsGAQUFBwMEMIIBWgYDVR0fBIIBUTCCAU0wggFJoIHGoIHDhoHAaHR0cDovLzE3\nMi4xOC4wLjMKMTcyLjE5LjAuNDo4MDgwL2VqYmNhL3B1YmxpY3dlYi93ZWJkaXN0\nL2NlcnRkaXN0P2NtZD1jcmwmaXNzdWVyPVVJRCUzRGMtMGZhMzliMzNlNTZlMDY1\nMTklMkNDTiUzRFg1MDklMjBJZGVudGl0eSUyMENBJTJDT1UlM0RDZXJ0aWZpY2F0\nZSUyMElzc3VlciUyQ08lM0Rkb2pvdCUyMElvVCUyMFBsYXRmb3Jton6kfDB6MSMw\nIQYKCZImiZPyLGQBAQwTYy0wZmEzOWIzM2U1NmUwNjUxOTEZMBcGA1UEAwwQWDUw\nOSBJZGVudGl0eSBDQTEbMBkGA1UECwwSQ2VydGlmaWNhdGUgSXNzdWVyMRswGQYD\nVQQKDBJkb2pvdCBJb1QgUGxhdGZvcm0wHQYDVR0OBBYEFD1vcBmX/6Of+o7t8eis\nKz8AyLtgMA4GA1UdDwEB/wQEAwID6DANBgkqhkiG9w0BAQsFAAOCAgEALw1cbCNE\nG9f47gbzD/XVbA1En+tGp+GSCcqboNZuCWZlMMwP9EdGIttnZg4cH/L7k0eiobNP\nVYc+2A6kP4mbDvz4usyxMvczca6+XN8sPxc7mZirUCxEZisoecwq23mNmgLVuR4b\nrS935ZcgCaK+1rbggBgC4SH6RJhrHcwDuSOq22CZIR80834Xjo6TQdMMNJf6CAzH\negeV6qFf6wA91SYpfSv8rVh+vaXfHEKtVfxm0J7fpLTUa2rDoOKuyi3OPkryETAy\nBmGJdvZCZU/CSjYc3Z0RsOPt7qwPbY31gzfJQbc3Qqiq0X+Ws/hilagQxCsEvkXC\nS33rRRxiWS6PGGJf3TliVQNKWnxW0jhtzuYMc0VEoTdjbmqSaQ7Lo8YloPvBvHYS\n5Vdl9Y1uuZQnHvBuy9LhKNS69WDZTEMu5DXrJypSRqnuw6Nywb43cIffbvtvRWCs\njZ8rNEkcGSoUE9Yb7fM6pwirl+QSjvsKa/k++rSp9VeSB8fKgmaneNScipXBcIl/\n5eYLIjobnXb/7SGwxLKtTm96cX2TG+GhXi4xTxd4xbLsq0FNxMhsBwHkMoygYWTY\nhCvnb3mDv4zbC0Vy/LN0gFXkDIvURh0gb8mosP5mB+0Rv1uW0WzIgDuQU22k2vqH\npvuMCXOKhOBlsDD2Qfk7e4M3ps/T498bNCo=\n-----END CERTIFICATE-----",
      "belongsTo": {},
      "tenant": "admin",
      "createdAt": "2020-06-06T21:13:30.316Z"
    }
  ]
}

Endpoint for a specific certificate

Get X.509 Certificate
GET/certificates/{fingerprint}{?fields}

Gets a certificate.

Example URI

GET https://localhost:8000/x509/v1/certificates/fingerprint?fields=
URI Parameters
HideShow
fingerprint
string (required) 

Fingerprint (as SHA256) of the certificate, where each byte (represented by hexadecimal pair of characters) are separated by a colon.

fields
string (optional) 

List of keys (comma-separated) that should be included in the result. If the fields parameter is not set, all keys will be kept in the result.

Request
HideShow
Headers
Content-Type: application/json
Authorization: Bearer [JWT]
Response  200
HideShow
Headers
Content-Type: application/json
Body
{
  "issuedByDojotPki": true,
  "autoRegistered": false,
  "fingerprint": "27:98:B3:A2:69:28:2C:C3:00:E2:2C:7D:48:50:94:C4:4A:F7:A2:1C:63:B8:06:7F:69:15:01:F6:EA:09:34:2D",
  "pem": "-----BEGIN CERTIFICATE-----\nMIIG/DCCBOSgAwIBAgIUGeK2VFaRPpGRlBrJjwipf6Eds1YwDQYJKoZIhvcNAQEL\nBQAwejEjMCEGCgmSJomT8ixkAQEME2MtMGZhMzliMzNlNTZlMDY1MTkxGTAXBgNV\nBAMMEFg1MDkgSWRlbnRpdHkgQ0ExGzAZBgNVBAsMEkNlcnRpZmljYXRlIElzc3Vl\ncjEbMBkGA1UECgwSZG9qb3QgSW9UIFBsYXRmb3JtMB4XDTIwMDYwNTIwMDEwMFoX\nDTIxMDYwNTIwMDEwMFowNDEbMBkGA1UECgwSZG9qb3QgSW9UIFBsYXRmb3JtMRUw\nEwYDVQQDDAxhZG1pbjoxMjM0NTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\nAoIBAQDFu7NweJ79eNKwTkU30Zxd19lsABkNYAXJDqfyrsuT68eeR3nGz0uyQpEE\nSQs0Ob8o62JXvL0DnnAa5MK8yt+p9TiltJEOQXTMbrovFJnDR85BrZFQEbyCKyrz\n9WQTDwCEqv362dnkcwLBd2DObD8OvRg/UzuVoSA7tlsQzaASzpItUJFCuGKzHa0t\nb3Ttrhgz4Q9WPXgOOdKsLg6pouyGSEaXKyIhAcrLUjvnOcSjJbo46+y5iTemW5km\n3gNdbINVluCG3HVQ7zZpLoaYv447WUvFPMMSeRAYNRz2QoBOt8seofcwVvurcctm\ntL5WFlYNCH+eDkdFHUy3xdVrsibTAgMBAAGjggK+MIICujAMBgNVHRMBAf8EAjAA\nMB8GA1UdIwQYMBaAFFjCckdwxGbsWEEv3h/+sy1Cz5RgMIHcBgNVHS4EgdQwgdEw\ngc6ggcuggciGgcVodHRwOi8vMTcyLjE4LjAuMwoxNzIuMTkuMC40OjgwODAvZWpi\nY2EvcHVibGljd2ViL3dlYmRpc3QvY2VydGRpc3Q/Y21kPWRlbHRhY3JsJmlzc3Vl\ncj1VSUQlM0RjLTBmYTM5YjMzZTU2ZTA2NTE5JTJDQ04lM0RYNTA5JTIwSWRlbnRp\ndHklMjBDQSUyQ09VJTNEQ2VydGlmaWNhdGUlMjBJc3N1ZXIlMkNPJTNEZG9qb3Ql\nMjBJb1QlMjBQbGF0Zm9ybTAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw\nggFaBgNVHR8EggFRMIIBTTCCAUmggcaggcOGgcBodHRwOi8vMTcyLjE4LjAuMwox\nNzIuMTkuMC40OjgwODAvZWpiY2EvcHVibGljd2ViL3dlYmRpc3QvY2VydGRpc3Q/\nY21kPWNybCZpc3N1ZXI9VUlEJTNEYy0wZmEzOWIzM2U1NmUwNjUxOSUyQ0NOJTNE\nWDUwOSUyMElkZW50aXR5JTIwQ0ElMkNPVSUzRENlcnRpZmljYXRlJTIwSXNzdWVy\nJTJDTyUzRGRvam90JTIwSW9UJTIwUGxhdGZvcm2ifqR8MHoxIzAhBgoJkiaJk/Is\nZAEBDBNjLTBmYTM5YjMzZTU2ZTA2NTE5MRkwFwYDVQQDDBBYNTA5IElkZW50aXR5\nIENBMRswGQYDVQQLDBJDZXJ0aWZpY2F0ZSBJc3N1ZXIxGzAZBgNVBAoMEmRvam90\nIElvVCBQbGF0Zm9ybTAdBgNVHQ4EFgQUuNRRFLrgvwwHe8ShOhMWRISTXZYwDgYD\nVR0PAQH/BAQDAgPoMA0GCSqGSIb3DQEBCwUAA4ICAQCLOCwNFlG6lM3P3+ToiwLA\n33q+ZRnMTXIOzzOKpiaOWfBv55y3nZnHIKuTlNMsP0qiOfDdrdvtQTs5NVmwSfa+\nK0uNH+wFTO8XLgs+Ii7OvAB+UX7+Vo8uxFxPKAgJHOUBFjIZq0y2Le4p+PNtuEQR\ntB3cisT++sUVc6NCgmoRUsEjGxNXnyPVU40GJ9DlNYtlBu4h+FaxaAeeEz3xduU7\neXLjlXpSWSIcRzfGo+6wobENZordAvqz6Hp5o3sHSXhiXkNeO1B2A421bkkUhA7W\nWjE8IknN5QjlquFp5rQZABLTx2Qw7YqiRkLqAXLXM20+XnqKBQ3HjNgklC9CpBZi\nM/KJlEm8muiODENwUBZ6YSo1nsgWAO/YBJ8NAbzT6sUQybsSnCBp9DAOf0amdqYn\na45C0gOWSBXMcxjXXOcVxFdNCfVpFAi9c7Y/bCeYbWVXY8jQ6e3nKwvbvILXORl9\n+Pyqqw6qhToHbcOqdCWqoZoEBRRg06Vkm6r0d6yh/UcE/UHyKlgnRGFZdpFYlSvZ\nTB+4Paeq3wOKxAkjUs2SlFHZYT43+NKmsiSTf1yyKruwh1yMR0hAfRM9GCooOjvr\n5PokzscdSyNwWh/LrkUAvKnB/XgpgqeN+ngK8jVotieV4vLc7ji/i6ME1Czi0g9I\nLPSCByr/Jf5/sLD6GXNh4w==\n-----END CERTIFICATE-----",
  "belongsTo": {},
  "tenant": "admin",
  "createdAt": "2020-06-05T20:01:11.286Z"
}

Delete X.509 Certificate
DELETE/certificates/{fingerprint}

Deletes a x.509 certificate and returns a status 204 (No Content) with no body indicating that the operation was successful.

If there is no certificate registered in the database with the informed fingerprint, a response status 404 (Not Found) will be returned, which means that either the certificate has already been removed in a previous request or the informed fingerprint is invalid.

Example URI

DELETE https://localhost:8000/x509/v1/certificates/fingerprint
URI Parameters
HideShow
fingerprint
string (required) 

Fingerprint (as SHA256) of the certificate, where each byte (represented by hexadecimal pair of characters) are separated by a colon.

Request
HideShow
Headers
Content-Type: application/json
Authorization: Bearer [JWT]
Response  204

Associate a device with a certificate
PATCH/certificates/{fingerprint}

To associate a device represented on the platform with a certificate, simply enter the device identifier for the certificate endpoint.

Example URI

PATCH https://localhost:8000/x509/v1/certificates/fingerprint
URI Parameters
HideShow
fingerprint
string (required) 

Fingerprint (as SHA256) of the certificate, where each byte (represented by hexadecimal pair of characters) are separated by a colon.

Request
HideShow
Headers
Content-Type: application/json
Authorization: Bearer [JWT]
Body
{
  "belongsTo": {
    "device": "Device ID"
  }
}
Schema
{
  "$schema": "http://json-schema.org/draft-07/schema",
  "type": "object",
  "additionalProperties": false,
  "properties": {
    "belongsTo": {
      "type": "object",
      "title": "Link between certificate and device",
      "description": "Object that associates the certificate with an device.",
      "additionalProperties": false,
      "properties": {
        "device": {
          "type": [
            "string",
            "null"
          ],
          "title": "Device ID",
          "description": "Identifies the device that the x.509 certificate is attached to.",
          "maxLength": 10,
          "pattern": "^[0-9a-fA-F]{10}$"
        }
      }
    }
  }
}
Response  204

Endpoint for ownership of a certificate

Delete the ownership of a certificate
DELETE/certificates/{fingerprint}/belongsto

To remove the owner of a particular certificate, simply inform your fingerprint.

Example URI

DELETE https://localhost:8000/x509/v1/certificates/fingerprint/belongsto
URI Parameters
HideShow
fingerprint
string (required) 

Fingerprint (as SHA256) of the certificate, where each byte (represented by hexadecimal pair of characters) are separated by a colon.

Request
HideShow
Headers
Content-Type: application/json
Authorization: Bearer [JWT]
Response  204

Endpoint for the root CA

Get Root CA
GET/ca

Obtains the CA of the dojot platform used to sign the device certificates.

Example URI

GET https://localhost:8000/x509/v1/ca
Request
HideShow
Headers
Content-Type: application/json
Authorization: Bearer [JWT]
Response  200
HideShow
Headers
Content-Type: application/json
Body
{
  "certificateFingerprint": "B9:7C:88:EE:A4:13:3E:64:99:44:C5:35:61:9D:4E:15:B7:70:A4:FD:78:61:70:22:D2:27:BC:74:15:AA:C5:CC",
  "caPem": "-----BEGIN CERTIFICATE-----\nMIIF6jCCA9KgAwIBAgIUIJGGnpOs/DHPUarctEZt5r7S4IAwDQYJKoZIhvcNAQEL\nBQAwejEjMCEGCgmSJomT8ixkAQEME2MtMGZhMzliMzNlNTZlMDY1MTkxGTAXBgNV\nBAMMEFg1MDkgSWRlbnRpdHkgQ0ExGzAZBgNVBAsMEkNlcnRpZmljYXRlIElzc3Vl\ncjEbMBkGA1UECgwSZG9qb3QgSW9UIFBsYXRmb3JtMCAXDTIwMDYwNTE5MzExMFoY\nDzIwNTAwNTI5MTkzMTEwWjB6MSMwIQYKCZImiZPyLGQBAQwTYy0wZmEzOWIzM2U1\nNmUwNjUxOTEZMBcGA1UEAwwQWDUwOSBJZGVudGl0eSBDQTEbMBkGA1UECwwSQ2Vy\ndGlmaWNhdGUgSXNzdWVyMRswGQYDVQQKDBJkb2pvdCBJb1QgUGxhdGZvcm0wggIi\nMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDJnP/Oh1gi0Az9vDKOQjzt0CLb\n9O0RJP5TCFdMdGbdVcJ273W8egyTWsu5PnYwyXAYbm613Z2CLHv5rr9mx+9bY27K\nzC8DNcDU05KZN8NuOJYqaBwcfI1x0vMytQE4J64iJzeOeehxEsrxY5wa168MNTDN\n43achUJoxUTVxzdRrUk0Nx2XadfBEHbLOXxffkAE37BahHS/KXywby3EnvJth2kL\nWBifxtD8oDzfCrA9RiwI5Rt5b0ceI9Euprsr4kslxK9uZn7p+/Qx2XX2rHFZqFlz\nKOig61XuusxtbLwbSvWRjPe29hivk18AabWPXqbDuFqPxpW3WkEBUD3Rd/YqEIj1\n2VV0ACcaPkudEx8RmGsTglR3munWIgb1OGckYtd5Lu9+OjkhMSufLCMoBn9sqjPv\nHYmt6paJrlhITw9uF+p8ZBGJ0mb1j+AuRVJEHvsJS8A2bAmtAdTnBsUL+ZflIYB6\nfefAgTtTcdpXppTxgf6Kz156udWgQ7Pvk8Io4Fr4K63ngw2NLdLGsBkR9voGoLJL\nEIllHJodN6jq7z63110LZPdw5Au/55qMibS7389ocbLxvsqxxC7BF+GfnqQ7ooPZ\naE6jsLpHaWRbsT1uDl3rZUu5ijv3HF778N5n5HewBx0DMZE8mtX7oeHmzsDh6HU9\n+94b6Y9NlC8UaKCCkQIDAQABo2YwZDASBgNVHRMBAf8ECDAGAQH/AgEAMB8GA1Ud\nIwQYMBaAFFjCckdwxGbsWEEv3h/+sy1Cz5RgMB0GA1UdDgQWBBRYwnJHcMRm7FhB\nL94f/rMtQs+UYDAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQADggIBALPy\nHv+6Wm8OxyIwU8kpa/r5HrPcZJIIJn+GA8AFjW/JffUxQN08sITJLUAx2/qnUg5r\nJRPUwWJ64gerJGuY/qavuuArMq+sEXz2Fe5N3p6PtTyyUK2KxRK6SlFFdHmPocRT\nClIRCl+Ae4vpxHjVizzN9tP9RTuxYydf5wejxw2HK9NjMPCCVWiH6qclPeLD9vhw\niHeVISj0fc2tnMbZNDHy/UWFPxIoqV+0nrF/6mCsQE93U0FJENG3oJrwNb3KbR7h\ntWEfUFKWpRjZAKtgdDcWKCIhRZRJ6ToFhq/NsoRjQpXiCRejsVMa+sg8XmaJcG7/\ngLQQlY6x/njOalliJvJmmsV9d27XhgNefWBCM2RWmO/h1Np/vuTOSQ9fEQGa0v8R\nn/fuqfuElastPPbV/UaMHQHvG/PnFYhX8Rbex7koD3Ng+aFtSzJp8xF+8o3qYxeY\nmDrnqFd8JM7GUf2coZt9jHH7n1Ibd2KeMS9FreIETB10jYlcd0+R9oLf7/0yhI5I\nJcGzESkJZD7YATR/ro5X+t22OXjEhiSaoQsXceJURsEYoXHnJx9myy5Tg0Z3Xl7w\nynW39uy69yXippIdCqfD0UyXZiSQ2tXwNVT6cFbGkEbxOjH2zzzmeleFl4EOAkC5\n193nerH/R/ebrNktOaDsmQFKcwnpszpaDT19+lAG\n-----END CERTIFICATE-----"
}

Endpoint for the CRL of root CA

Gets the latest CRL
GET/ca/crl

Gets the latest CRL released by the root CA.

Example URI

GET https://localhost:8000/x509/v1/ca/crl
Request
HideShow
Headers
Content-Type: application/json
Authorization: Bearer [JWT]
Response  200
HideShow
Headers
Content-Type: application/json
Body
{
  "crl": "-----BEGIN X509 CRL-----\nMIIC9DCB3QIBATANBgkqhkiG9w0BAQsFADB6MSMwIQYKCZImiZPyLGQBAQwTYy0w\nMzY2MmU3ZTllMzhmMTUwMjEZMBcGA1UEAwwQWDUwOSBJZGVudGl0eSBDQTEbMBkG\nA1UECwwSQ2VydGlmaWNhdGUgSXNzdWVyMRswGQYDVQQKDBJkb2pvdCBJb1QgUGxh\ndGZvcm0XDTIwMDYwNDE3MDYwOVoXDTIwMDYwNTE3MDYwOVqgLzAtMB8GA1UdIwQY\nMBaAFHZvzXewT/4MbYWcyDTFR0rqc3faMAoGA1UdFAQDAgEBMA0GCSqGSIb3DQEB\nCwUAA4ICAQARdQORwfEyQqAg+xsV/QwDtLdSMqZSokK5NDbtgATKcxQ4I83PCgCT\noYGxBWKmEatrMtGW94T7DewniluP+4ZWOTF8sNS1RMacUyA3Avjecb11Fh1T4bcE\nVXt5pJkW10CFtYZWwc7IGtH+TK3vNspN2Fkq+4CcZ707W3S4AdL6dy9P0kreXGof\nM7/glM4ep95UKuzVboFfIWOy29iQf4kLvxpWBevEWSzH6rDZKcBxlhpdEl/RNBtC\n3hsoJ7q5V+IR0Gn6mv7I5KPmKddnIvCom5zoWchcamob0VvN70bRnruu6ZhKQVXv\nn54u3YfhPSlp1TUuc3vnG+otBFVGIRLlein502J+JiWYkSYyGom6Nv68RKvUr7Fp\nDMN+Gbt+YYmug2Ax91WvYrGvbfiUREwzhr/oiT2NWc3Xil/5upfxw/rox3zmoWeJ\ny6+ypdQfAqxi2sxSt74+Qk2E4A8tyvt/FM1170dCIGbPsG2mq7qGwbXJ8q3bQHsZ\nh2ioqzHnE1IUWzIveQ4llCHhfuO/pZyuTP5NoKNx71PX8ZauYFNgGoyyfoygN1dc\nhh93exQN/BZ2WBOV2JrjTJsE1kFySMA73Ncr1he2ISLc6aVJyNc5lo+6qo4AmTSU\n3VaIKRNnYWNbpNxV4Pad57/hg1iPMY9jHk8EX5tjtFEiXp0mAN6Y5w==\n-----END X509 CRL-----"
}

Endpoint for the trusted CA

Register a trusted CA
POST/trusted-cas

To support external device certificates, you must first register the trusted CAs that issue such certificates to these devices. Through this endpoint, it is possible to register the CA certificate that will be trusted by a given tenant.

  • Only one CA certificate is expected per request.

  • The attribute allowAutoRegistration is not mandatory and by default has a value of false.

Example URI

POST https://localhost:8000/x509/v1/trusted-cas
Request
HideShow
Headers
Content-Type: application/json
Authorization: Bearer [JWT]
Body
{
  "caPem": "Trusted CA certificate in PEM Format",
  "allowAutoRegistration": false
}
Schema
{
  "$schema": "http://json-schema.org/draft-07/schema",
  "type": "object",
  "additionalProperties": false,
  "properties": {
    "caPem": {
      "type": "string",
      "title": "X509 Certificate PEM Schema",
      "description": "Schema for validating one v3 x.509 certificate in PEM format.",
      "contentEncoding": "base64",
      "contentMediaType": "application/x-pem-file",
      "maxLength": 65536,
      "pattern": "^(-{5}BEGIN CERTIFICATE-{5}(\\r\\n|\\r|\\n)([-A-Za-z0-9+/=]{1,64}(\\r\\n|\\r|\\n))+-{5}END CERTIFICATE-{5}(\\r\\n|\\r|\\n)?)+$"
    },
    "allowAutoRegistration": {
      "type": "boolean",
      "title": "Allow Auto Registration",
      "description": "Allows the CA certificate to be used for auto-registration of devices certificates.",
      "default": false
    }
  }
}
Response  201
HideShow
Headers
Content-Type: application/json
Body
{
  "caFingerprint": "24:59:61:1B:0C:C4:14:43:D9:B1:15:A0:D3:46:E3:58:23:53:60:66:21:82:A3:E6:BA:72:04:C0:3F:B7:9B:FA"
}

List trusted CA certificates
GET/trusted-cas{?page,limit,fields,keyVal}

Lists the trusted CA certificates registered for your tenant. The results might be filtered and are paginated with a default page size of 25.

Example URI

GET https://localhost:8000/x509/v1/trusted-cas?page=&limit=&fields=&keyVal=
URI Parameters
HideShow
page
number (optional) Default: 1 

It is a metadata for paginated results.

limit
number (optional) Default: 25 

The maximum number of results to return per page.

fields
string (optional) 

List of keys (comma-separated) that should be included in the result. If the fields parameter is not set, all keys will be kept in the result.

keyVal
string (optional) 

Filters the returned records by the given key=val. If more than one key=val pair is set; the returned records must contain all of them.

Request
HideShow
Headers
Content-Type: application/json
Authorization: Bearer [JWT]
Response  200
HideShow
Headers
Content-Type: application/json
Body
{
  "paging": {
    "previous": {
      "number": 1,
      "url": "/x509/v1/trusted-cas?page=1&limit=5"
    },
    "current": {
      "number": 2,
      "url": "/x509/v1/trusted-cas?page=2&limit=5"
    },
    "next": {
      "number": 3,
      "url": "/x509/v1/trusted-cas?page=3&limit=5"
    },
    "totalItems": 55,
    "totalPages": 11,
    "limitPerPage": 5
  },
  "trusted-cas": [
    {
      "allowAutoRegistration": false,
      "caFingerprint": "14:D7:3E:B2:05:5E:67:8A:4A:08:7A:3B:FE:74:08:F4:86:AB:C2:DA:42:B2:4F:4D:35:1F:2E:31:D8:08:A3:FB",
      "caPem": "-----BEGIN CERTIFICATE-----\nMIICNzCCAZigAwIBAgIUPCdpFQJQ2R3Pp41JpaG3kKLOXhMwCgYIKoZIzj0EAwIw\nLTErMCkGA1UEAwwiUm9vdCBDQSBkdW1teSAoZG9qb3QgSW9UIFBsYXRmb3JtKTAe\nFw0yMDEwMDExODMyMTBaFw0yNTA5MzAxODMyMTBaMC0xKzApBgNVBAMMIlJvb3Qg\nQ0EgZHVtbXkgKGRvam90IElvVCBQbGF0Zm9ybSkwgZswEAYHKoZIzj0CAQYFK4EE\nACMDgYYABAF0pvyGrk91KetTm0OAInRaW9y1YPqYJA82VAwPwek2R8fAJD2YTVBH\n+vxNpy627OJmMI999LcK0wqeaJbsvK9MPAHYzIFFPwHqaBHgQAuXRfV9CuauUdmN\nnlS2a6exlx1H56SP3c8YwG1w8WbgDDL0CttPIfVC+aKxu69LM0QJQBkLGaNTMFEw\nHQYDVR0OBBYEFPNKM6YILGdf4eKTeEMg599YjIpxMB8GA1UdIwQYMBaAFPNKM6YI\nLGdf4eKTeEMg599YjIpxMA8GA1UdEwEB/wQFMAMBAf8wCgYIKoZIzj0EAwIDgYwA\nMIGIAkIAt6SNoZSWM46zdkI5SXEs+C03b9utKVeUoVXksuOystOoqYjKez0bGCFq\nniFawhlerf+SrK+sNcX8o/Fs8I5/t9ACQgGaIaXFstzXn53WheDy0RmAPhsiDqSI\nFw64asZqbk0s5Bw3Jweys+RwcggVLlWNcZUwYYCGJv87f9IUGQ7bFMi8mg==\n-----END CERTIFICATE-----",
      "subjectDN": "CN=Root CA dummy (dojot IoT Platform)",
      "validity": {
        "notBefore": "2020-10-01T18:32:10.000Z",
        "notAfter": "2025-09-30T18:32:10.000Z"
      },
      "tenant": "admin",
      "createdAt": "2020-12-04T13:26:42.736Z",
      "modifiedAt": "2020-12-04T13:26:42.736Z"
    },
    {
      "allowAutoRegistration": true,
      "caFingerprint": "24:59:61:1B:0C:C4:14:43:D9:B1:15:A0:D3:46:E3:58:23:53:60:66:21:82:A3:E6:BA:72:04:C0:3F:B7:9B:FA",
      "caPem": "-----BEGIN CERTIFICATE-----\nMIICNTCCAZigAwIBAgIUGis7n29EcOsEoCxCm980onT5sR4wCgYIKoZIzj0EAwIw\nLTErMCkGA1UEAwwiUm9vdCBDQSBkdW1teSAoZG9qb3QgSW9UIFBsYXRmb3JtKTAe\nFw0yMDA5MzAxMzI2MDRaFw0yNTA5MjkxMzI2MDRaMC0xKzApBgNVBAMMIlJvb3Qg\nQ0EgZHVtbXkgKGRvam90IElvVCBQbGF0Zm9ybSkwgZswEAYHKoZIzj0CAQYFK4EE\nACMDgYYABAFTleScH0EakSco7iPtMN76N3h9PvR7l1UDzYLiDkgYch3W4FwGUDCS\n9yBtaKEiMEv8hGHMHzf0Jsy03hse6DjSagCYWpMqXlYSUZ5muKD7IPC4l+T9KLbB\nmWptY8NQTMiFPZDs2OcLPaaGKJwN42EKBjEyC9dS+WaBFRYFajDvg9rUrKNTMFEw\nHQYDVR0OBBYEFNEcTxzYBiTx3QvnLxnsdHdJySJ2MB8GA1UdIwQYMBaAFNEcTxzY\nBiTx3QvnLxnsdHdJySJ2MA8GA1UdEwEB/wQFMAMBAf8wCgYIKoZIzj0EAwIDgYoA\nMIGGAkFhyI5TpL5voJWQPhjo1AqKzwGcwA3KcSv+Gmz8dbIBt5G+tDmZi213x8CB\nlxNWsrb3Q7+M1emWwrPc/bfXcSHZZwJBZMX4XC6wJTRHkrjNV28evQb+mYbpJl8M\nuK6pmr2SWatOSndPkhgOY5VPGEsnrVpT0OGrUkoe9khvdaDX2yFlAXY=\n-----END CERTIFICATE-----",
      "subjectDN": "CN=Root CA dummy (dojot IoT Platform)",
      "validity": {
        "notBefore": "2020-09-30T13:26:04.000Z",
        "notAfter": "2025-09-29T13:26:04.000Z"
      },
      "tenant": "admin",
      "createdAt": "2020-12-04T13:26:34.263Z",
      "modifiedAt": "2020-12-04T13:27:37.250Z"
    },
    {
      "allowAutoRegistration": false,
      "caFingerprint": "74:31:E5:F4:C3:C1:CE:46:90:77:4F:0B:61:E0:54:40:88:3B:A9:A0:1E:D0:0B:A6:AB:D7:80:6E:D3:B1:18:CF",
      "caPem": "-----BEGIN CERTIFICATE-----\nMIIDxTCCAq2gAwIBAgIQAqxcJmoLQJuPC3nyrkYldzANBgkqhkiG9w0BAQUFADBs\nMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\nd3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j\nZSBFViBSb290IENBMB4XDTA2MTExMDAwMDAwMFoXDTMxMTExMDAwMDAwMFowbDEL\nMAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3\nLmRpZ2ljZXJ0LmNvbTErMCkGA1UEAxMiRGlnaUNlcnQgSGlnaCBBc3N1cmFuY2Ug\nRVYgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMbM5XPm\n+9S75S0tMqbf5YE/yc0lSbZxKsPVlDRnogocsF9ppkCxxLeyj9CYpKlBWTrT3JTW\nPNt0OKRKzE0lgvdKpVMSOO7zSW1xkX5jtqumX8OkhPhPYlG++MXs2ziS4wblCJEM\nxChBVfvLWokVfnHoNb9Ncgk9vjo4UFt3MRuNs8ckRZqnrG0AFFoEt7oT61EKmEFB\nIk5lYYeBQVCmeVyJ3hlKV9Uu5l0cUyx+mM0aBhakaHPQNAQTXKFx01p8VdteZOE3\nhzBWBOURtCmAEvF5OYiiAhF8J2a3iLd48soKqDirCmTCv2ZdlYTBoSUeh10aUAsg\nEsxBu24LUTi4S8sCAwEAAaNjMGEwDgYDVR0PAQH/BAQDAgGGMA8GA1UdEwEB/wQF\nMAMBAf8wHQYDVR0OBBYEFLE+w2kD+L9HAdSYJhoIAu9jZCvDMB8GA1UdIwQYMBaA\nFLE+w2kD+L9HAdSYJhoIAu9jZCvDMA0GCSqGSIb3DQEBBQUAA4IBAQAcGgaX3Nec\nnzyIZgYIVyHbIUf4KmeqvxgydkAQV8GK83rZEWWONfqe/EW1ntlMMUu4kehDLI6z\neM7b41N5cdblIZQB2lWHmiRk9opmzN6cN82oNLFpmyPInngiK3BD41VHMWEZ71jF\nhS9OMPagMRYjyOfiZRYzy78aG6A9+MpeizGLYAiJLQwGXFK3xPkKmNEVX58Svnw2\nYzi9RKR/5CYrCsSXaQ3pjOLAEFe4yHYSkVXySGnYvCoCWw9E1CAx2/S6cCZdkGCe\nvEsXCS+0yx5DaMkHJ8HSXPfqIbloEpw8nL+e/IBcm2PN7EeqJSdnoDfzAIJ9VNep\n+OkuE6N36B9K\n-----END CERTIFICATE-----",
      "subjectDN": "C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA",
      "validity": {
        "notBefore": "2006-11-10T00:00:00.000Z",
        "notAfter": "2031-11-10T00:00:00.000Z"
      },
      "tenant": "admin",
      "createdAt": "2020-12-04T13:27:00.928Z",
      "modifiedAt": "2020-12-04T13:27:00.928Z"
    },
    {
      "allowAutoRegistration": false,
      "caFingerprint": "CA:42:DD:41:74:5F:D0:B8:1E:B9:02:36:2C:F9:D8:BF:71:9D:A1:BD:1B:1E:FC:94:6F:5B:4C:99:F4:2C:1B:9E",
      "caPem": "-----BEGIN CERTIFICATE-----\nMIIDujCCAqKgAwIBAgILBAAAAAABD4Ym5g0wDQYJKoZIhvcNAQEFBQAwTDEgMB4G\nA1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNp\nZ24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDYxMjE1MDgwMDAwWhcNMjExMjE1\nMDgwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEG\nA1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI\nhvcNAQEBBQADggEPADCCAQoCggEBAKbPJA6+Lm8omUVCxKs+IVSbC9N/hHD6ErPL\nv4dfxn+G07IwXNb9rfF73OX4YJYJkhD10FPe+3t+c4isUoh7SqbKSaZeqKeMWhG8\neoLrvozps6yWJQeXSpkqBy+0Hne/ig+1AnwblrjFuTosvNYSuetZfeLQBoZfXklq\ntTleiDTsvHgMCJiEbKjNS7SgfQx5TfC4LcshytVsW33hoCmEofnTlEnLJGKRILzd\nC9XZzPnqJworc5HGnRusyMvo4KD0L5CLTfuwNhv2GXqF4G3yYROIXJ/gkwpRl4pa\nzq+r1feqCapgvdzZX99yqWATXgAByUr6P6TqBwMhAo6CygPCm48CAwEAAaOBnDCB\nmTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUm+IH\nV2ccHsBqBt5ZtJot39wZhi4wNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5n\nbG9iYWxzaWduLm5ldC9yb290LXIyLmNybDAfBgNVHSMEGDAWgBSb4gdXZxwewGoG\n3lm0mi3f3BmGLjANBgkqhkiG9w0BAQUFAAOCAQEAmYFThxxol4aR7OBKuEQLq4Gs\nJ0/WwbgcQ3izDJr86iw8bmEbTUsp9Z8FHSbBuOmDAGJFtqkIk7mpM0sYmsL4h4hO\n291xNBrBVNpGP+DTKqttVCL1OmLNIG+6KYnX3ZHu01yiPqFbQfXf5WRDLenVOavS\not+3i9DAgBkcRcAtjOj4LaR0VknFBbVPFd5uRHg5h6h+u/N5GJG79G+dwfCMNYxd\nAfvDbbnvRG15RjF+Cv6pgsH/76tuIMRQyV+dTZsXjAzlAcmgQWpzU/qlULRuJQ/7\nTBj0/VLZjmmx6BEP3ojY+x1J96relc8geMJgEtslQIxq/H5COEBkEveegeGTLg==\n-----END CERTIFICATE-----",
      "subjectDN": "OU=GlobalSign Root CA - R2, O=GlobalSign, CN=GlobalSign",
      "validity": {
        "notBefore": "2006-12-15T08:00:00.000Z",
        "notAfter": "2021-12-15T08:00:00.000Z"
      },
      "tenant": "admin",
      "createdAt": "2020-12-04T13:26:46.837Z",
      "modifiedAt": "2020-12-04T13:26:46.837Z"
    },
    {
      "allowAutoRegistration": false,
      "caFingerprint": "CB:B5:22:D7:B7:F1:27:AD:6A:01:13:86:5B:DF:1C:D4:10:2E:7D:07:59:AF:63:5A:7C:F4:72:0D:C9:63:C5:3B",
      "caPem": "-----BEGIN CERTIFICATE-----\nMIIDXzCCAkegAwIBAgILBAAAAAABIVhTCKIwDQYJKoZIhvcNAQELBQAwTDEgMB4G\nA1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjMxEzARBgNVBAoTCkdsb2JhbFNp\nZ24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDkwMzE4MTAwMDAwWhcNMjkwMzE4\nMTAwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEG\nA1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI\nhvcNAQEBBQADggEPADCCAQoCggEBAMwldpB5BngiFvXAg7aEyiie/QV2EcWtiHL8\nRgJDx7KKnQRfJMsuS+FggkbhUqsMgUdwbN1k0ev1LKMPgj0MK66X17YUhhB5uzsT\ngHeMCOFJ0mpiLx9e+pZo34knlTifBtc+ycsmWQ1z3rDI6SYOgxXG71uL0gRgykmm\nKPZpO/bLyCiR5Z2KYVc3rHQU3HTgOu5yLy6c+9C7v/U9AOEGM+iCK65TpjoWc4zd\nQQ4gOsC0p6Hpsk+QLjJg6VfLuQSSaGjlOCZgdbKfd/+RFO+uIEn8rUAVSNECMWEZ\nXriX7613t2Saer9fwRPvm2L7DWzgVGkWqQPabumDk3F2xmmFghcCAwEAAaNCMEAw\nDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFI/wS3+o\nLkUkrk1Q+mOai97i3Ru8MA0GCSqGSIb3DQEBCwUAA4IBAQBLQNvAUKr+yAzv95ZU\nRUm7lgAJQayzE4aGKAczymvmdLm6AC2upArT9fHxD4q/c2dKg8dEe3jgr25sbwMp\njjM5RcOO5LlXbKr8EpbsU8Yt5CRsuZRj+9xTaGdWPoO4zzUhw8lo/s7awlOqzJCK\n6fBdRoyV3XpYKBovHd7NADdBj+1EbddTKJd+82cEHhXXipa0095MJ6RMG3NzdvQX\nmcIfeg7jLQitChws/zyrVQ4PkX4268NXSb7hLi18YIvDQVETI53O9zJrlAGomecs\nMx86OyXShkDOOyyGeMlhLxS67ttVb9+E7gUJTb0o2HLO02JQZR7rkpeDMdmztcpH\nWD9f\n-----END CERTIFICATE-----",
      "subjectDN": "OU=GlobalSign Root CA - R3, O=GlobalSign, CN=GlobalSign",
      "validity": {
        "notBefore": "2009-03-18T10:00:00.000Z",
        "notAfter": "2029-03-18T10:00:00.000Z"
      },
      "tenant": "admin",
      "createdAt": "2020-12-04T13:26:51.093Z",
      "modifiedAt": "2020-12-04T13:26:51.093Z"
    }
  ]
}

Endpoint for a specific trusted CA certificate

Get a trusted CA Certificate
GET/trusted-cas/{caFingerprint}{?fields}

Gets a trusted CA certificate.

Example URI

GET https://localhost:8000/x509/v1/trusted-cas/caFingerprint?fields=
URI Parameters
HideShow
caFingerprint
string (required) 

Fingerprint (as SHA256) of the certificate, where each byte (represented by hexadecimal pair of characters) are separated by a colon.

fields
string (optional) 

List of keys (comma-separated) that should be included in the result. If the fields parameter is not set, all keys will be kept in the result.

Request
HideShow
Headers
Content-Type: application/json
Authorization: Bearer [JWT]
Response  200
HideShow
Headers
Content-Type: application/json
Body
{
  "allowAutoRegistration": false,
  "caFingerprint": "14:D7:3E:B2:05:5E:67:8A:4A:08:7A:3B:FE:74:08:F4:86:AB:C2:DA:42:B2:4F:4D:35:1F:2E:31:D8:08:A3:FB",
  "caPem": "-----BEGIN CERTIFICATE-----\nMIICNzCCAZigAwIBAgIUPCdpFQJQ2R3Pp41JpaG3kKLOXhMwCgYIKoZIzj0EAwIw\nLTErMCkGA1UEAwwiUm9vdCBDQSBkdW1teSAoZG9qb3QgSW9UIFBsYXRmb3JtKTAe\nFw0yMDEwMDExODMyMTBaFw0yNTA5MzAxODMyMTBaMC0xKzApBgNVBAMMIlJvb3Qg\nQ0EgZHVtbXkgKGRvam90IElvVCBQbGF0Zm9ybSkwgZswEAYHKoZIzj0CAQYFK4EE\nACMDgYYABAF0pvyGrk91KetTm0OAInRaW9y1YPqYJA82VAwPwek2R8fAJD2YTVBH\n+vxNpy627OJmMI999LcK0wqeaJbsvK9MPAHYzIFFPwHqaBHgQAuXRfV9CuauUdmN\nnlS2a6exlx1H56SP3c8YwG1w8WbgDDL0CttPIfVC+aKxu69LM0QJQBkLGaNTMFEw\nHQYDVR0OBBYEFPNKM6YILGdf4eKTeEMg599YjIpxMB8GA1UdIwQYMBaAFPNKM6YI\nLGdf4eKTeEMg599YjIpxMA8GA1UdEwEB/wQFMAMBAf8wCgYIKoZIzj0EAwIDgYwA\nMIGIAkIAt6SNoZSWM46zdkI5SXEs+C03b9utKVeUoVXksuOystOoqYjKez0bGCFq\nniFawhlerf+SrK+sNcX8o/Fs8I5/t9ACQgGaIaXFstzXn53WheDy0RmAPhsiDqSI\nFw64asZqbk0s5Bw3Jweys+RwcggVLlWNcZUwYYCGJv87f9IUGQ7bFMi8mg==\n-----END CERTIFICATE-----",
  "subjectDN": "CN=Root CA dummy (dojot IoT Platform)",
  "validity": {
    "notBefore": "2020-10-01T18:32:10.000Z",
    "notAfter": "2025-09-30T18:32:10.000Z"
  },
  "tenant": "admin",
  "createdAt": "2020-12-04T13:26:42.736Z",
  "modifiedAt": "2020-12-04T13:26:42.736Z"
}

Delete a trusted CA Certificate
DELETE/trusted-cas/{caFingerprint}

Deletes a trusted CA certificate.

Example URI

DELETE https://localhost:8000/x509/v1/trusted-cas/caFingerprint
URI Parameters
HideShow
caFingerprint
string (required) 

Fingerprint (as SHA256) of the certificate, where each byte (represented by hexadecimal pair of characters) are separated by a colon.

Request
HideShow
Headers
Content-Type: application/json
Authorization: Bearer [JWT]
Response  204

Enable/disable self-registration of certificates issued by a trusted CA
PATCH/trusted-cas/{caFingerprint}

The option to enable self-registration of certificates issued by a trusted CA can be provided at the time of registering the CA certificate, or by updating the CA certificate record.

Example URI

PATCH https://localhost:8000/x509/v1/trusted-cas/caFingerprint
URI Parameters
HideShow
caFingerprint
string (required) 

Fingerprint (as SHA256) of the certificate, where each byte (represented by hexadecimal pair of characters) are separated by a colon.

Request
HideShow
Headers
Content-Type: application/json
Authorization: Bearer [JWT]
Body
{
  "allowAutoRegistration": true
}
Schema
{
  "$schema": "http://json-schema.org/draft-07/schema",
  "type": "object",
  "additionalProperties": false,
  "properties": {
    "allowAutoRegistration": {
      "type": "boolean",
      "title": "Allow Auto Registration",
      "description": "Allows the CA certificate to be used for auto-registration of devices certificates.",
      "default": false
    }
  }
}
Response  204

Generated by aglio on 22 Sep 2022