Skip to main content

Add a key or create a new certificate for the given software statement

POST 
/organisations/:OrganisationId/softwarestatements/:SoftwareStatementId/certificates/:SoftwareStatementCertificateOrKeyType

creates a new key or certificate on the specified software statement

Request

Path Parameters

    OrganisationId OrganisationIdrequired

    Possible values: non-empty and <= 40 characters, Value must match regular expression ^[^<>]*$

    The organisation ID

    SoftwareStatementId SoftwareStatementIdrequired

    Possible values: <= 40 characters, Value must match regular expression ^[^<>]*$

    The software statement ID

    SoftwareStatementCertificateOrKeyType SoftwareStatementCertificateOrKeyTyperequired

    Possible values: [rtstransport, rtssigning, sigkey, enckey, brcac, brcac_ext, brcac_2022]

    Default value: rtssigning

    The certificate or key type that can be associated with a software statement

Header Parameters

    x-fapi-auth-date string

    Possible values: Value must match regular expression ^(Mon|Tue|Wed|Thu|Fri|Sat|Sun), \d{2} (Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec) \d{4} \d{2}:\d{2}:\d{2} (GMT|UTC)$

    The time when the PSU last logged in with the TPP. All dates in the HTTP headers are represented as RFC 7231 Full Dates. An example is below: Sun, 10 Sep 2017 19:43:31 UTC

    x-fapi-customer-ip-address string

    The PSU's IP address if the PSU is currently logged in with the TPP.

    x-fapi-interaction-id string

    An RFC4122 UID used as a correlation id.

    x-customer-user-agent string

    Indicates the user-agent that the PSU is using.

Body

required

PEM file -- the contents of the PEM file will differ depending upon SoftwareStatementCertificateOrKeyType. If SoftwareStatementCertificateOrKeyType is set to brcac, rtssigning or rtstransport then the PEM file should contain a Certificate Signing Request (CSR) for an RTS signing or RTS transport certificate respectively; if SoftwareStatementCertificateOrKeyType is set to sigkey, enckey then the PEM file should contain a public signing or encryption key respectively.

    string

    Possible values: Value must match regular expression ^[^<>]*$

Responses

A certificate object

Response Headers

  • x-fapi-interaction-id

    string

Schema

    OrganisationId OrganisationId (string)

    Possible values: non-empty and <= 40 characters, Value must match regular expression ^[^<>]*$

    Unique ID associated with the organisation

    SoftwareStatementIds SoftwareStatementId (string)[]

    Possible values: <= 40 characters, Value must match regular expression ^[^<>]*$

    ClientName string

    Possible values: <= 40 characters

    Status string

    Possible values: <= 40 characters

    ValidFromDateTime string

    Possible values: <= 30 characters

    RevokedDateTime string

    Possible values: <= 30 characters

    ExpiryDateTime string

    Possible values: <= 30 characters

    e string

    Possible values: <= 255 characters

    keyType string

    Possible values: <= 255 characters

    kid string

    Possible values: <= 255 characters

    kty string

    Possible values: <= 255 characters

    n string

    Possible values: <= 255 characters

    use string

    Possible values: <= 255 characters

    x5c string[]

    Possible values: <= 255 characters

    x5t string

    Possible values: <= 255 characters

    x5thashS256 string

    Possible values: <= 255 characters

    x5u string

    Possible values: <= 255 characters

    SignedCertPath string

    Possible values: <= 255 characters

    Used to display location of the signed certificate in PEM format

    JwkPath string

    Possible values: <= 255 characters

    Used to display path to JWKS containing this certificate

    OrgJwkPath string

    Possible values: <= 255 characters

    Used to display path to Org JWKS containing org certificates

Loading...