新增证书V2
更新时间:2023-06-27 15:23:21
适用产品
证书管理
接口描述
新增证书接口,包括证书名称、证书公钥(crt和ca内容合并)、证书密钥、csrid、备注
- 调用URL: https://open.chinanetcenter.com/api/certificate
- 调用方法:POST
推荐使用 Open API在线调试
Open API在线调试功能提供可视化界面在线调试API、支持生成代码示例、快速检索查看API文档等能力。前往调试
请求参数
Body 参数
| 参数名称 | 类型 | 必填 | 描述 |
|---|---|---|---|
name | String | 是 | 证书名称 |
certificate | String | 是 | 证书内容,PEM格式,包含CRT文件、CA文件。例如: -----BEGIN CERTIFICATE----- …… -----END CERTIFICATE----- |
privateKey | String | 否 | 证书密钥,PEM格式。例如: -----BEGIN RSA PRIVATE KEY----- …… -----BEGIN RSA PRIVATE KEY----- 当指定csrId时,无需上传证书密钥。 |
csrId | Integer | 否 | csrId,证书申请文件的id。 |
comment | String | 否 | 备注 |
返回参数
Body 参数
| 参数名称 | 类型 | 描述 |
|---|---|---|
location | String | 用于访问该证书文件的URL,其中certificate-id为系统为该证书生成的唯一标示,其值为字符串 |
code | String | 状态码 |
message | String | 响应信息 |
错误码
| 错误代码(code) | 描述(message) | HTTP状态码 | 语义 |
|---|---|---|---|
| 0 | success | 200 | 调用成功 |
| 26938005 | Parameter name is required | 400 | 证书名称必传且非空 |
| 26938005 | Parameter name max size is 512 | 400 | 证书名称不能超过512个字符 |
| 26938005 | Parameter certificate is required | 400 | 证书内容必传 |
| 26938005 | Parameter comment max size is 1024 | 400 | 备注不能超过1024字符 |
| 36540147 | private key is not match with public key. | 400 | 公私钥不匹配 |
| 36540072 | The {0} content can not contain blank line and must be 64 characters except for the last line. | 400 | {文件类型}文件不能包含空行且除了最后一行以外都必须64位字符 |
| 36540105 | No CRT certificate be found in .crt and .crt file. | 400 | crt与ca文件中均未找到CRT证书 |
| 36540146 | invalid sslKey. | 400 | 秘钥解析失败 |
| 36540129 | No csr was found according to csr id. | 400 | 当未入参的证书key时, 如果有入参csrId, 则取 csrId 对应的 csr 私钥作为证书的私钥 取不到则报错 |
| 36540149 | dnsDomainBelongToCustomerId is empty. | 400 | 网宿合用证书场景:授权域名归属客户id为空 |
| 36540150 | dnsDomainBelongToCustomerId=" " not exist | 400 | 网宿合用证书场景: 1.值非数值 2.授权域名归属客户id不存在 |
| 36540153 | The sslKey is required. | 400 | 私钥必填 |
| 36540151 | dnsDomainRelateServiceCode is empty. | 400 | 网宿合用证书场景:授权域名关联服务编码为空 |
| 36540152 | dnsDomainRelateServiceCode=" " not exist | 400 | 网宿合用证书场景:授权域名关联服务编码不存在 |
| 36540154 | The SSL name you provided is already in our system. certificateId: {0}, certificateName: {1} | 400 | 证书名称唯一性校验(客户粒度下唯一) |
| 36540148 | The SSL content you provided is already in our system.certificateId:{0},certificateName:{1} | 400 | 该客户下证书内容已经存在,不允许重复新增(客户自助有配置白名单除外) |
| 36540125 | Error parameter. | 400 | 1.paramXml不存在;2.paramXml格式错误 |
| 36540130 | certContent is empty. | 400 | 请求参数的sslCertificate为空 |
| 36540138 | invalid algorithm.algorithm={0} | 400 | 算法的值为【des、aes】以外的数据 |
| 36540139 | certificate content decrypt error. invalid crtFile or key. | 400 | crt证书解密失败 |
| 36540140 | certificate content decrypt error. invalid caFile or key. | 400 | ca证书解密失败 |
| 36540141 | certificate content decrypt error. invalid keyFile or key. | 400 | key证书解密失败 |
| 36540142 | invalid sslCertificate. no found crtCnDomain in crtFile. | 400 | crt证书解析失败或crt证书无授权域名 |
| 36540144 | The crt file's algorithm is forbidden. | 400 | crt文件的签名算法非法:不支持的加密算法 禁用的签名算法见数据字典:CertificateConfig→forbiddenCrtAlgorithm(当前仅配置MD5withRSA) |
| 36540101 | The uploaded Crt certificate is invalid! | 400 | crt证书解析失败 |
| 36540098 | The number of BEGIN is not match the END statement in .crt file. | 400 | 证书文件内容格式错误:BEGIN和END数量不匹配 |
| 36540100 | More than one CRT certificate be found in uploaded file. | 400 | crt和ca证书文件中包含多份CRT证书(多份crt证书相同,则不报错,并只保留一份) |
| 36540099 | The number of BEGIN is not match the END statement in .ca file. | 400 | ca文件内容有误,BEGIN/END数量不匹配 |
| 36540102 | The uploaded Ca files is invalid! | 400 | ca证书解析失败 |
| 36540104 | The CA certificate chain in uploaded files is invalid. | 400 | crt和ca证书文件中的CA证书链有误(不完整或冗余) |
| 26939999 | Certificate's CA file is not match with CRT file. | 400 | CA证书与CRT证书不匹配 |
| 36540103 | No CA certificate be found in .crt and .crt file. | 400 | crt与ca文件中均未找到CA证书 |
| 36542044 | The dnsDomainBelongToCustomerId you provided is invalid. | 400 | 参数必须是空或整数 |
示例
XML
- 请求示例 复制成功
#!/bin/bash username="example_username" apiKey="example_apiKey" date=`env LANG="en_US.UTF-8" date -u "+%a, %d %b %Y %H:%M:%S GMT"` password=`echo -en "$date" | openssl dgst -sha1 -hmac $apiKey -binary | openssl enc -base64` curl -i --url "https://open.chinanetcenter.com/api/certificate" \ -X "POST" \ -u "$username:$password" \ -H "Date: $date" \ -H "Accept: application/xml" \ -H "Content-Type:application/xml" \ -d '<?xml version="1.0" encoding="utf-8"?> <certificate> <name>mycertificate</name> <certificate>-----BEGIN CERTIFICATE-----……-----END CERTIFICATE-----</certificate> <privateKey>-----BEGIN RSA PRIVATE KEY-----……-----BEGIN RSA PRIVATE KEY-----</privateKey> </certificate>'
- 返回示例 复制成功
HTTP/1.1 200 OK Date: Sun, 05 May 2019 09:08:53 GMT Content-Type: application/xml;charset=utf-8 x-cnc-request-id: 83bbebc7-2c95-47d7 Location:https://open.chinanetcenter.com/api/certificate/100001 <?xml version="1.0" encoding="UTF-8"?> <response> <code>0</code> <message>success</message> <data></data> </response>
本篇文档内容对您是否有帮助?
有帮助
我要反馈