<!-- Used by AAF (ATT inc 2016) --> <xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:certman="urn:certman:v1_0" targetNamespace="urn:certman:v1_0" elementFormDefault="qualified"> <!-- jg 4/21/2016 New for Certificate Info --> <xs:element name="certInfo"> <xs:complexType> <xs:sequence> <!-- Base64 Encoded Private Key --> <xs:element name="privatekey" type="xs:string" minOccurs="0" maxOccurs="1"/> <!-- Base64 Encoded Certificate --> <xs:element name="certs" type="xs:string" minOccurs="1" maxOccurs="unbounded"/> <!-- Challenge Password (2 method Auth) --> <xs:element name="challenge" type="xs:string" minOccurs="0" maxOccurs="1"/> <!-- Notes from Server concerning Cert (not an error) --> <xs:element name="notes" type="xs:string" minOccurs="0" maxOccurs="1"/> </xs:sequence> </xs:complexType> </xs:element> <xs:complexType name="baseRequest"> <xs:sequence> <xs:element name="mechid" type="xs:string" minOccurs="1" maxOccurs="1"/> <!-- Sponsor is only required if the caller is not Sponsor. In that case, the calling ID must be delegated to do the work. --> <xs:element name="sponsor" type="xs:string" minOccurs="0" maxOccurs="1"/> <xs:element name="start" type="xs:dateTime" minOccurs="1" maxOccurs="1" /> <xs:element name="end" type="xs:date" minOccurs="1" maxOccurs="1"/> </xs:sequence> </xs:complexType> <xs:complexType name="specificRequest"> <xs:complexContent> <xs:extension base="certman:baseRequest"> <xs:sequence> <xs:element name="serial" type="xs:string" minOccurs="1" maxOccurs="1"/> <!-- Certificate has been compromised or other security issue --> <xs:element name="revoke" type="xs:boolean" minOccurs="0" maxOccurs="1" default="false"/> </xs:sequence> </xs:extension> </xs:complexContent> </xs:complexType> <xs:element name="certificateRequest"> <xs:complexType> <xs:complexContent> <xs:extension base="certman:baseRequest"> <xs:sequence> <!-- One FQDN is required. Multiple driven by Policy --> <xs:element name="fqdns" type="xs:string" minOccurs="1" maxOccurs="unbounded"/> <!-- Optional Email for getting Public Certificate --> <xs:element name="email" type="xs:string" minOccurs="0" maxOccurs="unbounded"/> </xs:sequence> </xs:extension> </xs:complexContent> </xs:complexType> </xs:element> <xs:element name="certificateRenew"> <xs:complexType> <xs:complexContent> <xs:extension base="certman:specificRequest"> <xs:sequence> <!-- One FQDN is required. Multiple driven by Policy --> <xs:element name="fqdns" type="xs:string" minOccurs="1" maxOccurs="unbounded"/> <!-- Challenge Password (for accessing manually) TODO Is it necessary? --> <xs:element name="challenge" type="xs:string" minOccurs="0" maxOccurs="1"/> <!-- Optional Email for getting Public Certificate --> <xs:element name="email" type="xs:string" minOccurs="0" maxOccurs="unbounded"/> </xs:sequence> </xs:extension> </xs:complexContent> </xs:complexType> </xs:element> <xs:element name="certificateDrop"> <xs:complexType> <xs:complexContent> <xs:extension base="certman:specificRequest"> <xs:sequence> <!-- Challenge Password (for accessing manually) TODO Is it necessary? --> <xs:element name="challenge" type="xs:string" minOccurs="0" maxOccurs="1"/> </xs:sequence> </xs:extension> </xs:complexContent> </xs:complexType> </xs:element> <!-- Placement Structures --> <xs:element name="artifacts"> <xs:complexType> <xs:sequence> <xs:element name="artifact" minOccurs="0" maxOccurs="unbounded"> <xs:complexType> <xs:sequence> <xs:element name="mechid" type="xs:string" minOccurs="1" maxOccurs="1"/> <xs:element name="machine" type="xs:string" minOccurs="0" maxOccurs="1" /> <xs:element name="type" minOccurs="1" maxOccurs="3"> <xs:simpleType> <xs:restriction base="xs:string"> <xs:enumeration value="file"/> <xs:enumeration value="jks"/> <xs:enumeration value="print"/> </xs:restriction> </xs:simpleType> </xs:element> <xs:element name="ca" type="xs:string" minOccurs="1" maxOccurs="1" /> <xs:element name="dir" type="xs:string" minOccurs="1" maxOccurs="1"/> <xs:element name="os_user" type="xs:string" minOccurs="1" maxOccurs="1"/> <!-- Ignored on input, and set by TABLES. However, returned on output --> <xs:element name="sponsor" type="xs:string" minOccurs="0" maxOccurs="1" /> <!-- Optional... if empty, will use MechID Namespace --> <xs:element name="appName" type="xs:string" minOccurs="0" maxOccurs="1"/> <!-- Optional... if empty, will notify Sponsor --> <xs:element name="notification" type="xs:string" minOccurs="0" maxOccurs="1"/> <!-- Optional... Days before auto renewal. Min is 10. Max is 1/3 expiration (60) --> <xs:element name="renewDays" type="xs:int" minOccurs="0" maxOccurs="1" default="30"/> </xs:sequence> </xs:complexType> </xs:element> </xs:sequence> </xs:complexType> </xs:element> </xs:schema>