summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPiotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com>2021-07-15 09:35:21 +0200
committerPiotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com>2021-07-19 10:00:03 +0200
commit6f95532eadcfd6c3a154b4e22dbc085e81cda6e6 (patch)
tree913081c12512808b8fbfd4ba83942850c8d5dcbf
parentc386b2b9fbf44de105f68ffa87bdcb3328e9c6ee (diff)
[OOM-CERT-SERVICE] Update OpenAPI
- Update OpenAPI after introduction certificate update endpoint Issue-ID: OOM-2753 Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com> Change-Id: I16117a9dc9f854ba04b39ca1133c19d052e8f7db
-rw-r--r--certService/README.md4
-rw-r--r--certService/src/main/java/org/onap/oom/certservice/api/CertificationController.java24
-rw-r--r--docs/sections/resources/OpenAPI.yaml95
3 files changed, 107 insertions, 16 deletions
diff --git a/certService/README.md b/certService/README.md
index b7d4fdd6..76bfba23 100644
--- a/certService/README.md
+++ b/certService/README.md
@@ -95,9 +95,9 @@ audit.log error.log debug.log
API is described by Swagger ( OpenAPI 3.0 ) on endpoint /docs
( endpoint is defined in properties as springdoc.swagger-ui.path )
```
-http://localchost:8080/docs
+http://localhost:8080/docs
```
### OpenAPI
during project building yaml file with openAPI 3.0 documentation is generated in target directory with name api-docs.yaml
-file OpenAPI.yaml located in certService directory must be update be hand if needed
+file OpenAPI.yaml located in ./docs/sections/resources directory must be updated be hand if needed
diff --git a/certService/src/main/java/org/onap/oom/certservice/api/CertificationController.java b/certService/src/main/java/org/onap/oom/certservice/api/CertificationController.java
index 987d56ea..931ad8c6 100644
--- a/certService/src/main/java/org/onap/oom/certservice/api/CertificationController.java
+++ b/certService/src/main/java/org/onap/oom/certservice/api/CertificationController.java
@@ -28,6 +28,7 @@ import io.swagger.v3.oas.annotations.responses.ApiResponse;
import io.swagger.v3.oas.annotations.responses.ApiResponses;
import io.swagger.v3.oas.annotations.tags.Tag;
import org.onap.oom.certservice.certification.CertificationResponseModelFactory;
+import org.onap.oom.certservice.certification.exception.CertificateDecryptionException;
import org.onap.oom.certservice.certification.exception.DecryptionException;
import org.onap.oom.certservice.certification.exception.ErrorResponseModel;
import org.onap.oom.certservice.certification.model.CertificateUpdateModel;
@@ -72,11 +73,11 @@ public class CertificationController {
content = @Content(schema = @Schema(implementation = ErrorResponseModel.class))),
@ApiResponse(responseCode = "404", description = "CA not found for given name",
content = @Content(schema = @Schema(implementation = ErrorResponseModel.class))),
- @ApiResponse(responseCode = "500", description = "Something went wrong during connectiion to CMPv2 server",
+ @ApiResponse(responseCode = "500", description = "Something went wrong during connection to CMPv2 server",
content = @Content(schema = @Schema(implementation = ErrorResponseModel.class)))
})
@Operation(
- summary = "initialize certificate",
+ summary = "Initialize certificate",
description = "Web endpoint for requesting certificate initialization. Used by system components to gain certificate signed by CA.",
tags = {"CertificationService"})
public ResponseEntity<CertificationResponseModel> signCertificate(
@@ -105,11 +106,30 @@ public class CertificationController {
* @return JSON containing trusted certificates and certificate chain
*/
@GetMapping(value = "v1/certificate-update/{caName}", produces = "application/json")
+ @ApiResponses(value = {
+ @ApiResponse(responseCode = "200", description = "Certificate successfully updated"),
+ @ApiResponse(responseCode = "400", description = "Given CSR, PK, old certificate or/and old PK is incorrect",
+ content = @Content(schema = @Schema(implementation = ErrorResponseModel.class))),
+ @ApiResponse(responseCode = "404", description = "CA not found for given name",
+ content = @Content(schema = @Schema(implementation = ErrorResponseModel.class))),
+ @ApiResponse(responseCode = "500", description = "Something went wrong during connection to CMPv2 server",
+ content = @Content(schema = @Schema(implementation = ErrorResponseModel.class)))
+ })
+ @Operation(
+ summary = "Update certificate",
+ description = "Web endpoint for updating certificate. Used by system components to update certificate signed by CA.",
+ tags = {"CertificationService"})
public ResponseEntity<CertificationResponseModel> updateCertificate(
+ @Parameter(description = "Name of certification authority that will update certificate.")
@PathVariable String caName,
+ @Parameter(description = "Certificate signing request in form of PEM object encoded in Base64 (with header and footer).")
@RequestHeader("CSR") String encodedCsr,
+ @Parameter(description = "Private key in form of PEM object encoded in Base64 (with header and footer).")
@RequestHeader("PK") String encodedPrivateKey,
+ @Parameter(description = "Old certificate in form of PEM object encoded in Base64 (with header and footer).")
@RequestHeader("OLD_CERT") String encodedOldCert,
+ @Parameter(description = "Old private key (corresponding with old certificate) "
+ + "in form of PEM object encoded in Base64 (with header and footer).")
@RequestHeader("OLD_PK") String encodedOldPrivateKey
) throws DecryptionException, CmpClientException {
caName = replaceWhiteSpaceChars(caName);
diff --git a/docs/sections/resources/OpenAPI.yaml b/docs/sections/resources/OpenAPI.yaml
index d20f833e..1c0c9571 100644
--- a/docs/sections/resources/OpenAPI.yaml
+++ b/docs/sections/resources/OpenAPI.yaml
@@ -1,7 +1,7 @@
# ============LICENSE_START=======================================================
# oom-certservice
# ================================================================================
-# Copyright (C) 2020 Nokia. All rights reserved.
+# Copyright (C) 2020-2021 Nokia. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -19,9 +19,9 @@ openapi: 3.0.1
info:
title: CertService Documentation
description: Certification service API documentation
- version: 1.0.0
+ version: 1.0.1
servers:
- - url: http://localhost:8080
+ - url: https://localhost:8443
description: Generated server url
tags:
- name: Actuator
@@ -30,12 +30,83 @@ tags:
description: Spring Boot Actuator Web API Documentation
url: https://docs.spring.io/spring-boot/docs/current/actuator-api/html/
paths:
- /v1/certificate/{caName}:
+ /v1/certificate-update/{caName}:
get:
tags:
- CertificationService
- summary: Sign certificate
- description: Web endpoint for requesting certificate signing. Used by system
+ summary: Update certificate
+ description: Web endpoint for updating certificate. Used by system
+ components to update certificate signed by CA.
+ operationId: updateCertificate
+ parameters:
+ - name: caName
+ in: path
+ description: Name of certification authority that will update certificate.
+ required: true
+ schema:
+ type: string
+ example: "RA_TEST"
+ - name: CSR
+ in: header
+ description: Certificate signing request in form of PEM object encoded in Base64
+ (with header and footer).
+ required: true
+ schema:
+ type: string
+ example: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJREZqQ0NBZjRDQVFBd2R6RUxNQWtHQTFVRUJoTUNWVk14RXpBUkJnTlZCQWdNQ2tOaGJHbG1iM0p1YVdFeApGakFVQmdOVkJBY01EVk5oYmkxR2NtRnVZMmx6WTI4eERUQUxCZ05WQkFzTUJFOU9RVkF4R1RBWEJnTlZCQW9NCkVFeHBiblY0TFVadmRXNWtZWFJwYjI0eEVUQVBCZ05WQkFNTUNHOXVZWEF1YjNKbk1JSUJJakFOQmdrcWhraUcKOXcwQkFRRUZBQU9DQVE4QU1JSUJDZ0tDQVFFQXlVbWVvY0o2V09jRHBOR0x2SzRGMURkK3JVTDVBNjlQTVpwSApDSUlQZ2xrakNxcGlLL28yeFJlTTZ5VTlPVkpRcUJJUzRPeUFvWGxlKzJ4OURDanA2U1JpV2RJZEV2NFAzNk1nClRBV3lUdndta1dMYXFodmlwKzZQM0xUOGt0aktDL0JKVXo3dXlOWjAvTEdMWThpbWw1U1hnckQ0WlBvY2VrYzMKMStQZ0NrLzBTZWd6M0JaQkJVOVYwWXFtWFhlZDNkcHY3M1VFTXVESTVIY2NjSlFybkdUSkxDVTlJaWFJa1lQRgozQkhTVWpmbkVrS0hINWVwcTMwVEdyUytscFhxbHJ0cFFEWmIveHZpU3YyRjZWSVhGbURWdkl2RkNPaTZaMVlsClZvenVmNHhQRHQ5cmJxY1RUaGhjeVVqYWdDbnlwTmJzYms5U2QrWXFyNk1JbkZaNUZRSURBUUFCb0Zvd1dBWUoKS29aSWh2Y05BUWtPTVVzd1NUQkhCZ05WSFJFRVFEQStnZzEwWlhOMExtOXVZWEF1YjNKbmdnaHZibUZ3TG05eQpaNGNFZndBQUFZWU9ablJ3T2k4dmRHVnpkQzV2Y21lQkRYUmxjM1JBYjI1aGNDNXZjbWN3RFFZSktvWklodmNOCkFRRUxCUUFEZ2dFQkFJRTU0NFJ0RW5YRE5oQndKWDFGZ0Y4YzN5ck05SHcwNEw4VktNdnRaTlBjQU1SNC9lV0IKYTFDcE5uZVBQZktScWxiakxhOHplTW9iWWxGYlJVbGFvbnkzQXE4TlpiMFMxZ0RUWnFQWUQzRjNkMnhRUGJxOQpPbTR2Ly8zaGRIZlIvdFFCa3NPRkl0QkwvMW9jV004RTZqRm8rdU41ZGlCb3EyMUFvT0NXK1BMYWVnUG9jaGdYClJhZGcxc0JneW1tR3BDV0tNMy9UNnJTZEFvVmFoTzJ6VDd4NGhlRjNEazdsUUN5ZmdySUZDOHd2TmhBWWx1K1IKTmdoTVdNNEcvZzJPMHJvNVYzdWc4LzZ5UnovbDlhWXVJclRDNnVDaGJ3UXJFcEd4ZXR5WEd5bWE1Q2IxcTZyagpNdHNpQ0FneTBkR2dIZ2tOOVJrK3hHRC9BOGhzNURDSmdQUT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUgUkVRVUVTVC0tLS0tCg=="
+ - name: PK
+ in: header
+ description: Private key in form of PEM object encoded in Base64 (with header and footer).
+ required: true
+ schema:
+ type: string
+ example: "LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV2d0lCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQktrd2dnU2xBZ0VBQW9JQkFRREpTWjZod25wWTV3T2sKMFl1OHJnWFVOMzZ0UXZrRHIwOHhta2NJZ2crQ1dTTUtxbUlyK2piRkY0enJKVDA1VWxDb0VoTGc3SUNoZVY3NwpiSDBNS09ucEpHSlowaDBTL2cvZm95Qk1CYkpPL0NhUll0cXFHK0tuN28vY3RQeVMyTW9MOEVsVFB1N0kxblQ4CnNZdGp5S2FYbEplQ3NQaGsraHg2UnpmWDQrQUtUL1JKNkRQY0ZrRUZUMVhSaXFaZGQ1M2QybS92ZFFReTRNamsKZHh4d2xDdWNaTWtzSlQwaUpvaVJnOFhjRWRKU04rY1NRb2NmbDZtcmZSTWF0TDZXbGVxV3UybEFObHYvRytKSwovWVhwVWhjV1lOVzhpOFVJNkxwblZpVldqTzUvakU4TzMydHVweE5PR0Z6SlNOcUFLZktrMXV4dVQxSjM1aXF2Cm93aWNWbmtWQWdNQkFBRUNnZ0VCQUxEYnBhejlncUNBZ2x3YjNjcXZvT0dBelNZUk5WaCtmWGZZMVZidGFCRWcKbnNCdFNvclhjNjRpN2lkaDlmUmFsaEhHcDUzSFQ1SVJZVnBLVFdrVXZjbWl0V08wVU9WeUk2SmM0ekRJeEkzUAowVmRtNHpnWi9rR05SQXdwWGM3cytrSVpJMlFvWkloRW5rKzA5QU45dHBweTdkamdBN0E5Ymk0bVN6Tyt2Z2h2Ci9KMnErZlNzTm5hbWE2MGFDMC90QzBEYmlVZ2xFN0taaGVQTjlqaGZCa1pLUW1MUVpUMHJQWE1sU2gvdU41SWUKSGpBYkVQVHJCdGxTZ2pRT2o5ZnJhSk9xRm1tL3hGQ2YvKzRuNU0xeGNpQVBoeUZydDdSU1NuZ2tOcW50VkVXUQpxSytMSWlDSHpLMFpBUWhVMGVSVXZqRjVWK210QjhPaEpNSkxMQkVvS0NFQ2dZRUEvWU05YlB4bVVzS2VCclZiClVtRlg5TXRKWmZwd1lLbkQveVh0MjZWcHM4OEZhbEhsSDd6R3MvQitZYjZXMGgxcnBzUWoreTJtejMvS092eEgKMFA2Um01R0ZJNjhsdXc1UUlHV1FMT2FtaThUZW9yU21vQXp3TkVOL1lpdFY3UURPdVZTQUZiVTJBTkRRMWZaawpFY29HeHdLbC9pOEtWTDF1Z2pseEE1ZWp6dzBDZ1lFQXkwTTBGTTRVendzRHRJbW5hMkRwYmlobGFxQ0dZVWxQCmQ2N2NidDlWejZ6NE1MMm00TlZZOUdhdU9OQUF0R2VVSTlNYnlqNVlmaVJaSXFtc0RjaU16eGtMeDJOTzlUaTEKaHJJZzJxeUNubFhJVWtmQkxxUG94Z3FYeHBpS1hnblYwNU9VWEdHVW5Ya2JNNjZsNlVEMUw0YnVpMzVVRDI3Uwp3ajdCMGdodmtDa0NnWUVBdit3dWdhYm5sRG9RUnNYZnVCTkg4bVJBVWZyeVBzdm5QTytyRGtGQkw4Wkh0RUVCCnREQkhRZ3lNc1ZVSGUxU1luaTBaakZ2NFVGalBjaTV4OUMvMWJoQVIrbnpybEp4MlhzQmxFUWtoQnVscEgwYWkKYXNMQXl1QmF2S2hRS2RnVnFNcm5HUWdTTlRYaEZFcXZZYVJQMHpRWEZNTHFFRk5GS1VOeFlxWFhkclVDZ1lCegpleUR4MlF1MWZicURMZG55aGNMWmxSWFplSTRnWTdoRWRSSkQ0NXNyUEVoZDJNSWc1dFY5TllFeVFlckVsRHgwCkJoSzUycVlJTkxwM21SSnBXbEcxcjdNamV1WjNKOXJxUmZXb2gyNUdhdEkrL1FsaWFEbHRtc01VVDhIOUgzVmUKbVhBbTlFR3RIZ3M0VjdkblNFS0UyQkpiS2xDejIvRGQ3eTNMR0lQWjBRS0JnUUNLRTRMMEhxSkkwV2ZFKzlMYQpONCtjems2dnBoOUdlbHNib1NIM1FBN3V0cDFQdWo0ZU5kZ0tNZUJiczgvQk5JMWFLdFI0c3JFT2VKbkpxSStoCkdRRHc5V1cxSHAyNGlFUXp6QXJLQTNlY2JMYTNwQkhyR3RhMk14VHFBb1NtMWkwU3BybWIvRkNNd0Q1ZDNDV1YKYnp0R29yemhiOVJYdUhnYlZ3OWZZdU1XQlE9PQotLS0tLUVORCBQUklWQVRFIEtFWS0tLS0tCg=="
+ - name: OLD_CERT
+ in: header
+ description: Old certificate in form of PEM object encoded in Base64 (with header and footer).
+ required: true
+ schema:
+ type: string
+ example: "LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV2d0lCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQktrd2dnU2xBZ0VBQW9JQkFRQ3owYnhqaytOSXNzVzMKTDBUazhZS2Rvd1UxZ0VUWUVoeWQ5d0c1M1E4VkcwOFV6cW9QVml4N0lSSXB1cDdDbG9GelErQmxwUUNoZEp1bQpoVmE1dXRjdFhXYVRId0FjRUxjc0hzdEZiZlFLcnMxempGOE1tdW1XcWo1NXdyOTVBcmJCdm1kOW9QL2hKMkRECkd1OUNmM3VzUTl2Qk1GYjJ4eXRKb2tBY1c0ME50UmgyOEhYaTRLZUFBcTIwQVF0dnVLQzd3L0Uvbkt5bmlPM08Kb3lOcEh5KzlZYW1aSDJCRi9CK0xiM2RibkZPNFVCc3JoSk5tTFhkMFBtTmNhRC9NMjJxMzlHdWRnRGNheHZFZwpTaVFRVURNTG1rb3llQUNkRzNaVnVSSlRNZGZscHI3djlocVJETVcxUlJKMEYzWWdjNmN3b0lodGdraEZHZWFtClQ5RHpaSkJyQWdNQkFBRUNnZ0VCQUpwY3lvN2t6akNESHMweEs4QXBQb29aL29lOTg5dFVPUEsxcnVxaHhLZkcKeUsxQTk2V3d3UUIyRkVSMEtvTTZkaWUvdGVzcnFRM3dyd2xVMzIwUzRsTFVJaERiaE5tUzA5dHhGK2dqQ21MOQpTZXNPTGk0QThkTGZsRUFzR1BoRmh5TnNVeVQ2UjQ0OW9vZjZJRGdDZmVVVVg1cEk1KzV5YlV1SmwrV0FCZWNrCkF4aWo1U21TNlpHUnN3L0FIMnUzYWsyTEw0a3lCbTVZd0E4cE5yR3UyTjM2TGJ0djI2aWlQUXdhSlBEeWlPaE0KcW5nUHBKd2s2MHVRb3IrK0xRdUYvN3B3Qm1XOGo3VmRhM3YwZkR6L3hiTXljVE1BRHA2b1pxcFhWRGs4Q0tSYgpiNndCa0ZxbHpwVDc0cTFyYlhrRUJFUjZaTnV5bHhmeWFoQjBGdXZDdnhFQ2dZRUE3N3BCaVcrUEJOeGg1SlBLCjNnM1JGckErYzR3WG0zU1VOTXRIL1JBenVEM01nRGlaRGZXV3FMQVQySlF6VUUwNm03NUZyNzdHa3MwWXQ3WkMKWmxCdko3a3RVSU9oS0ZxMTJqVjYrbWVJV29ka05hdGd1MmZVUGxlaDVwWGhLV1RUUHRUaTkyYWFKUG5PSWQ3UApDQ21PUjBxV1ZmcUk1LzNpaVhZOXNVRm5mVmtDZ1lFQXdBWjBRdENKcGw1SWw0QjVZWS82VXJpOUdLbXQ1MjNzCmJPNWRLRHg1RHYyU3preGZkeU5YN2FnZXBSZ3VrSGpKZ0x2anNTWnlPeEVwaThiQ3d1bTJ1MngyR0p6ektNQmgKVVdrakdTVE5JVkJKUTBhOCs3NVV3bHBJQXhqMFE1RkVMNXVEUm41NFNHN2NnRlpqRmhBTE1qT09vVUFpbk5QagptSkQ2eDFVQjcyTUNnWUVBeFIvQk9FUVZ0SWVMcjZ1Znk0eE0vSDBjUFdOYkhpZDBueHp4S3pTaGNzVE9YamtzCkVnQjZUR2ZOU2ZCRGFhcTNvTTJLL0FMQndvRUg3RGpnek1ValFlVFJVRDJNeldRWjJUN1V5d2RMWmpXaXYwY1gKR2NNOUVhNTVvT1JwNitIT213SHZTRVNFU0JkcDJ3d2Q3YlpPR20xSXhaWm44V3doVmF0MiswU3UxckVDZ1lBeApNZlliSC80RDUyZkZtSjZBUmppbGRMck5WTHMrN1VTQzY5Wmw5b2cxTlBXbGNKK01rRHQ0b1hlb2FEZVZ2N3d3CkJQTGljYTBXUU9GWjlBUDFsNWEvRVp4MzFjM2VCTnRwMWZ1dDkyV3VRVGxqeVAybHFTOWgwMnRiajhzVWZHVHgKcFcvT1laeERRbE92ZFhKUk5xOEhuM25OQ2ZkVUlsek91MlhrSjMwbGJRS0JnUUROZlV1THB5V1B2cGh0SHhTMwpaek9tbHRwM2pkNHVSQkJ6b25KZWNKSFF5N3lpY3VleFlib0RUTjRmaG5aTExoL0dCT05iOXBXK2ZLTVVkeDIxCjh0anJiZUdHengyOHNBMFBHWTMxZlA0aC9xNmY2QXdCVllUa1pkeHNJTmE4WS9EcUxYNmt5Z0VLSXliMGZLQnIKS09ldUlZYTN2cUdGUndSWXU1NTNsMmtqRHc9PQotLS0tLUVORCBQUklWQVRFIEtFWS0tLS0tCg=="
+ - name: OLD_PK
+ in: header
+ description: Old private key (corresponding with old certificate) in form of PEM object
+ encoded in Base64 (with header and footer).
+ required: true
+ schema:
+ type: string
+ example: "LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV2d0lCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQktrd2dnU2xBZ0VBQW9JQkFRQ3owYnhqaytOSXNzVzMKTDBUazhZS2Rvd1UxZ0VUWUVoeWQ5d0c1M1E4VkcwOFV6cW9QVml4N0lSSXB1cDdDbG9GelErQmxwUUNoZEp1bQpoVmE1dXRjdFhXYVRId0FjRUxjc0hzdEZiZlFLcnMxempGOE1tdW1XcWo1NXdyOTVBcmJCdm1kOW9QL2hKMkRECkd1OUNmM3VzUTl2Qk1GYjJ4eXRKb2tBY1c0ME50UmgyOEhYaTRLZUFBcTIwQVF0dnVLQzd3L0Uvbkt5bmlPM08Kb3lOcEh5KzlZYW1aSDJCRi9CK0xiM2RibkZPNFVCc3JoSk5tTFhkMFBtTmNhRC9NMjJxMzlHdWRnRGNheHZFZwpTaVFRVURNTG1rb3llQUNkRzNaVnVSSlRNZGZscHI3djlocVJETVcxUlJKMEYzWWdjNmN3b0lodGdraEZHZWFtClQ5RHpaSkJyQWdNQkFBRUNnZ0VCQUpwY3lvN2t6akNESHMweEs4QXBQb29aL29lOTg5dFVPUEsxcnVxaHhLZkcKeUsxQTk2V3d3UUIyRkVSMEtvTTZkaWUvdGVzcnFRM3dyd2xVMzIwUzRsTFVJaERiaE5tUzA5dHhGK2dqQ21MOQpTZXNPTGk0QThkTGZsRUFzR1BoRmh5TnNVeVQ2UjQ0OW9vZjZJRGdDZmVVVVg1cEk1KzV5YlV1SmwrV0FCZWNrCkF4aWo1U21TNlpHUnN3L0FIMnUzYWsyTEw0a3lCbTVZd0E4cE5yR3UyTjM2TGJ0djI2aWlQUXdhSlBEeWlPaE0KcW5nUHBKd2s2MHVRb3IrK0xRdUYvN3B3Qm1XOGo3VmRhM3YwZkR6L3hiTXljVE1BRHA2b1pxcFhWRGs4Q0tSYgpiNndCa0ZxbHpwVDc0cTFyYlhrRUJFUjZaTnV5bHhmeWFoQjBGdXZDdnhFQ2dZRUE3N3BCaVcrUEJOeGg1SlBLCjNnM1JGckErYzR3WG0zU1VOTXRIL1JBenVEM01nRGlaRGZXV3FMQVQySlF6VUUwNm03NUZyNzdHa3MwWXQ3WkMKWmxCdko3a3RVSU9oS0ZxMTJqVjYrbWVJV29ka05hdGd1MmZVUGxlaDVwWGhLV1RUUHRUaTkyYWFKUG5PSWQ3UApDQ21PUjBxV1ZmcUk1LzNpaVhZOXNVRm5mVmtDZ1lFQXdBWjBRdENKcGw1SWw0QjVZWS82VXJpOUdLbXQ1MjNzCmJPNWRLRHg1RHYyU3preGZkeU5YN2FnZXBSZ3VrSGpKZ0x2anNTWnlPeEVwaThiQ3d1bTJ1MngyR0p6ektNQmgKVVdrakdTVE5JVkJKUTBhOCs3NVV3bHBJQXhqMFE1RkVMNXVEUm41NFNHN2NnRlpqRmhBTE1qT09vVUFpbk5QagptSkQ2eDFVQjcyTUNnWUVBeFIvQk9FUVZ0SWVMcjZ1Znk0eE0vSDBjUFdOYkhpZDBueHp4S3pTaGNzVE9YamtzCkVnQjZUR2ZOU2ZCRGFhcTNvTTJLL0FMQndvRUg3RGpnek1ValFlVFJVRDJNeldRWjJUN1V5d2RMWmpXaXYwY1gKR2NNOUVhNTVvT1JwNitIT213SHZTRVNFU0JkcDJ3d2Q3YlpPR20xSXhaWm44V3doVmF0MiswU3UxckVDZ1lBeApNZlliSC80RDUyZkZtSjZBUmppbGRMck5WTHMrN1VTQzY5Wmw5b2cxTlBXbGNKK01rRHQ0b1hlb2FEZVZ2N3d3CkJQTGljYTBXUU9GWjlBUDFsNWEvRVp4MzFjM2VCTnRwMWZ1dDkyV3VRVGxqeVAybHFTOWgwMnRiajhzVWZHVHgKcFcvT1laeERRbE92ZFhKUk5xOEhuM25OQ2ZkVUlsek91MlhrSjMwbGJRS0JnUUROZlV1THB5V1B2cGh0SHhTMwpaek9tbHRwM2pkNHVSQkJ6b25KZWNKSFF5N3lpY3VleFlib0RUTjRmaG5aTExoL0dCT05iOXBXK2ZLTVVkeDIxCjh0anJiZUdHengyOHNBMFBHWTMxZlA0aC9xNmY2QXdCVllUa1pkeHNJTmE4WS9EcUxYNmt5Z0VLSXliMGZLQnIKS09ldUlZYTN2cUdGUndSWXU1NTNsMmtqRHc9PQotLS0tLUVORCBQUklWQVRFIEtFWS0tLS0tCg=="
+ responses:
+ "200":
+ description: Certificate successfully updated
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/CertificationResponseModel'
+ "400":
+ description: 'Given CSR, PK, old certificate or/and old PK is incorrect'
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ErrorResponseModel'
+ "404":
+ description: CA not found for given name
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ErrorResponseModel'
+ "500":
+ description: Something went wrong during connection to CMPv2 server
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/ErrorResponseModel'
+ '/v1/certificate/{caName}':
+ get:
+ tags:
+ - CertificationService
+ summary: Initialize certificate
+ description: Web endpoint for requesting certificate initialization. Used by system
components to gain certificate signed by CA.
operationId: signCertificate
parameters:
@@ -48,12 +119,12 @@ paths:
example: "RA_TEST"
- name: CSR
in: header
- description: Certificate signing request in form of PEM object encoded in
+ description: Certificate initialization request in form of PEM object encoded in
Base64 (with header and footer).
required: true
schema:
type: string
- example: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJREVqQ0NBZm9DQVFBd2daY3hDekFKQmdOVkJBWVRBbFZUTVJNd0VRWURWUVFJREFwRFlXeHBabTl5Ym1saApNUll3RkFZRFZRUUhEQTFUWVc0dFJuSmhibU5wYzJOdk1Sa3dGd1lEVlFRS0RCQk1hVzUxZUMxR2IzVnVaR0YwCmFXOXVNUTB3Q3dZRFZRUUxEQVJQVGtGUU1SRXdEd1lEVlFRRERBaHZibUZ3TG05eVp6RWVNQndHQ1NxR1NJYjMKRFFFSkFSWVBkR1Z6ZEdWeVFHOXVZWEF1YjNKbk1JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBTUlJQgpDZ0tDQVFFQXpRekpQTmhrRURhL3JnUmhJUmpLVDF2RC84Wk9scXA3UmRuYTEybXFIU2FqQ0hHeGR0K1JPZk0vCkpINk9NczZNSjlwNXRJVE5VUWVDUEQ5cE44WkpzMCtOaWQvRE1Nb1B3MW94NnZyNFc5Rnh4K3NGN2hnK05nYjEKNGxvZVZob2EwajlKd1hlc2krSThNbFBObGRMRXlGYnZubDgyNzl0Qjg2dmRpR2g3blFjek8rbnY5elBqZllVcQpIaGlRK1ptMEZjbWFxblVJOG54aWJQNmFMMS9uWFQ3aHlwY0VzOCtpenNZVktqdVdwSjhlZHN0T1NBYTlkWXkrCkVhYTFPTlo5RFRDQzArZmM4S0pBNGJjWVE0T2tPYXFmcnhxY0xMOXZJL1BROWZtYThTUXBmcXVTbmQvbjNOazMKK1NoYnVCclorVnNQRWhsWnBJb2lXdS9scjlrdnp3SURBUUFCb0RVd013WUpLb1pJaHZjTkFRa09NU1l3SkRBaQpCZ05WSFJFRUd6QVpnZ2h2Ym1Gd0xtOXlaNElOZEdWemRDNXZibUZ3TG05eVp6QU5CZ2txaGtpRzl3MEJBUXNGCkFBT0NBUUVBV0N2QlJzTmZ5S0F1NWhIWldWUm8xd2VWSVJvbHQyRWdsSUkzbHI4d0ZlN1hobUtZVlhESzJ3aHEKc2hCakNNQUJHNW90MlBXUE8yK1JLSmsveEh2RXRoQzMybityQlhOS2hHUUJMY3dyeFNBbjVUMHFNa0xzTGJiRAphTU1nTnRiYWxmOC9mVmNWWDY1WTVVb052Y2FScEpvVUdYY1ovZ3kvMG5aWnNXbURkejk1Rys2MXFnY0s3RlhOClB1bENxLy9YNUZkK2NkQy9TTnNxaGtqdlgyd3hYMUZRVVYwcFp0akcwenl3b3JwNE9HSkRiUUxtaWFZSlQ2Ym8KNjAyZ21zWFNTQlJzVWFCOEsxeWMzalRkS043QjYxcjhwYW05NlBxQjdXME13MVRJVFAzQnhJTk5kN1hhNlI5VAo5T3BTcDhFcUZ5R043M3NJN0svbDdNZVJvUm1PUUE9PQotLS0tLUVORCBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0K"
+ example: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJREZqQ0NBZjRDQVFBd2R6RUxNQWtHQTFVRUJoTUNWVk14RXpBUkJnTlZCQWdNQ2tOaGJHbG1iM0p1YVdFeApGakFVQmdOVkJBY01EVk5oYmkxR2NtRnVZMmx6WTI4eERUQUxCZ05WQkFzTUJFOU9RVkF4R1RBWEJnTlZCQW9NCkVFeHBiblY0TFVadmRXNWtZWFJwYjI0eEVUQVBCZ05WQkFNTUNHOXVZWEF1YjNKbk1JSUJJakFOQmdrcWhraUcKOXcwQkFRRUZBQU9DQVE4QU1JSUJDZ0tDQVFFQXM5RzhZNVBqU0xMRnR5OUU1UEdDbmFNRk5ZQkUyQkljbmZjQgp1ZDBQRlJ0UEZNNnFEMVlzZXlFU0ticWV3cGFCYzBQZ1phVUFvWFNicG9WV3ViclhMVjFta3g4QUhCQzNMQjdMClJXMzBDcTdOYzR4ZkRKcnBscW8rZWNLL2VRSzJ3YjVuZmFELzRTZGd3eHJ2UW45N3JFUGJ3VEJXOXNjclNhSkEKSEZ1TkRiVVlkdkIxNHVDbmdBS3R0QUVMYjdpZ3U4UHhQNXlzcDRqdHpxTWphUjh2dldHcG1SOWdSZndmaTI5MwpXNXhUdUZBYks0U1RaaTEzZEQ1alhHZy96TnRxdC9Scm5ZQTNHc2J4SUVva0VGQXpDNXBLTW5nQW5SdDJWYmtTClV6SFg1YWErNy9ZYWtRekZ0VVVTZEJkMklIT25NS0NJYllKSVJSbm1way9RODJTUWF3SURBUUFCb0Zvd1dBWUoKS29aSWh2Y05BUWtPTVVzd1NUQkhCZ05WSFJFRVFEQStnZzEwWlhOMExtOXVZWEF1YjNKbmdnaHZibUZ3TG05eQpaNGNFZndBQUFZWU9ablJ3T2k4dmRHVnpkQzV2Y21lQkRYUmxjM1JBYjI1aGNDNXZjbWN3RFFZSktvWklodmNOCkFRRUxCUUFEZ2dFQkFFb3JtOWJ2NTlVVk5ESHhLSlgzREFIT0w2cXVvVnBrRUNhS0xWaVVwaG9CS0c4MU1CN0kKY0k0S211bm5pbzRIa002LytZQmlpYnJXV1c1WFFFWFpKYTRkMnE1SnlRNFNMaXFnT1o4OWRlRm1iTEdTbGFaSQpwLzFmaTFlRVY0aU5wK1FhKzJBbHhTTEZVWmpFamtCRUNJVWs4ZEJERE5ZUXA2MEduazRLSjJkbDVxYTc1dzNsCkFhT2VlcFgvSHdJK2pRc2FIZHFZUW9aUFhuWXF4V2FaVWtNOG9PSXEzTUxzZDNGcGdzcnlUWXVqZDJxeTlTa2oKZjYyNElhU2tmeXVQZEJwdTZENWw5SjZOUmxtY25iWVJydHFaRGtmZXBYV1NPMHEyLzFBR0VSa0ppdTRYR1lLbwo3b0I0MWFvKzNva1V6RmUyOUlseXVmWUhHU0xmaFRtdkp1TT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUgUkVRVUVTVC0tLS0tCg=="
- name: PK
in: header
description: Private key in form of PEM object encoded in Base64 (with header
@@ -61,14 +132,14 @@ paths:
required: true
schema:
type: string
- example: "LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV2d0lCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQktrd2dnU2xBZ0VBQW9JQkFRRE5ETWs4MkdRUU5yK3UKQkdFaEdNcFBXOFAveGs2V3FudEYyZHJYYWFvZEpxTUljYkYyMzVFNTh6OGtmbzR5em93bjJubTBoTTFSQjRJOApQMmszeGttelQ0MkozOE13eWcvRFdqSHErdmhiMFhISDZ3WHVHRDQyQnZYaVdoNVdHaHJTUDBuQmQ2eUw0and5ClU4MlYwc1RJVnUrZVh6YnYyMEh6cTkySWFIdWRCek03NmUvM00rTjloU29lR0pENW1iUVZ5WnFxZFFqeWZHSnMKL3BvdlgrZGRQdUhLbHdTeno2TE94aFVxTzVha254NTJ5MDVJQnIxMWpMNFJwclU0MW4wTk1JTFQ1OXp3b2tEaAp0eGhEZzZRNXFwK3ZHcHdzdjI4ajg5RDErWnJ4SkNsK3E1S2QzK2ZjMlRmNUtGdTRHdG41V3c4U0dWbWtpaUphCjcrV3YyUy9QQWdNQkFBRUNnZ0VBZkN5cUVYYlo0aGZGckpScVhhaXRtN0Z1Mkk0M09YYTBnSENWM3EzV255Q3UKeW9aUGVqV1p0UVpoenEvMVhUOUlFVHAxU2FUQzBiZENYMG5uWmlkbXFuZ2F0c3dUWUpCOVMwaHJ3bW1KemREZwpucmp0Tm1yb0FiL2xWOVpMV01rbVJQeWVwZExiWXpyMlNXUUd0QnlYbnR0RzhSbW9JMGtjZjN3dEJGYUJ4VzFwClFzRUNXUFBpdjNZRDh2SzlSRG9wdmxCMnFZVWxCTm1kQ3AxWEJXMU9OZm5wckUwZFhiYTJxVzB3M3lqU2dJdGYKUWJBSTJZQzJEWlpIK3liRGFMZWVtb0p3dDdPK1F6NWp4SkgwWkFpSnVaNzNpSTVocFBJQlhLamRkU1p1bjRpRwpEOFZaaCtYWE9yQWJxVURXdlN4UW9kdFhYeGNSSS9aWUx5WWR1OHdhd1FLQmdRRHA3UEhwdWFDSk50MlBLV3d6Cll4SDhIYlB1L0pTS2R3UytZek5SNzJaYlUwSmQxWTdPc1JCR1Bvd24zOW55WDlJYzJINXBLc2VJYnpsK1lJS1MKQW9BKy9nbFZZUGpIZ2RmVHF6R01QMm5meVh0dVpFQzdicVBLSVlzL0Qwb0pGQzFkUThwUjFxcXp6NjJEMEUvawpSS1MrVFhpSlkvMlJiQVhDckFDVnNwVmQzUUtCZ1FEZ1prZE45SkhIMjYyRWdLQ3p1Q0NHMXlYa3IrcWVHZ3ozCldWbUtMaGVveitHVXlvVDVuaGlvUTJxNlllYTJ1ODlVYUdGZFk4Y0hIQVdhUy9UdU9FYzdBRHV4eTZsVWpKWkQKU3V0YU80cWk3eXh6UGxNN2w5alVpejV5MldZZGRnWEhLOG82M0pOSHdwd0FYaDgycytTbm9STUZSd1JOTGsyWQp4WmxxRm55WG13S0JnUUNkdEkrWEtmMHY1SnhVUXZIZVp3RWQvb3hySnoraFpnSDl0UFZKWE9PZDJERGEvL25xCklQYysxRFk3UDdBNHRoNzZNWDV2dWxhUkJhTTJMeXgzOFZXeW9pTjZ1d2lkd0V6WU9BY01iVWdjaGtJL3R6am8KNC90cWIxam9KNCtiTlU0c0hXTE43N0pmelRoR3NHN2NEdWNlSVM2Tk9hc2VtanY3OVdmamhHVXN4UUtCZ1FETQpwbHFYVE5uNjlHek9MK1Rmb3FmL2NZMjhmM2N3VXovS0FYRzRwSXF0U1ZGSXVsNEZyTnA5OG1ZT3J5U1RPTHRBCkZxWGRYeGJ2Yysza0p5dXNhaVVFT1JVMzlDNXN6bjVueHBiWHh2K0wweWF0djRSM0QrZ1BCeUtmNlliSWpZOTkKY29GUHAwU21xR1JQclljNEExNGdSclVyRmZabFVUb3hmdHlJTlJQUnl3S0JnUURoSFkvT24vRTNodmo4aHBKRQplMWNuQ2ZsV2VKWlZSdnBPQm96NCtwMVltMzZZZEQ0azBpSEh6anZUUGlBSnNGTFB5VXVTZXI0T3hpN2cvcmYvCklPVjN4bHZyNXdSRmxLYWxvWjY5azkxNm5qdWM0d2lXVzdMbGt1YWptVDhlSUszTU05MU9SL1VFcE16dFMyMHEKZ3hRMEVieTFaMlh6TWlkMEhZZTlVcTJaSmc9PQotLS0tLUVORCBQUklWQVRFIEtFWS0tLS0tCg=="
+ example: "LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV2d0lCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQktrd2dnU2xBZ0VBQW9JQkFRQ3owYnhqaytOSXNzVzMKTDBUazhZS2Rvd1UxZ0VUWUVoeWQ5d0c1M1E4VkcwOFV6cW9QVml4N0lSSXB1cDdDbG9GelErQmxwUUNoZEp1bQpoVmE1dXRjdFhXYVRId0FjRUxjc0hzdEZiZlFLcnMxempGOE1tdW1XcWo1NXdyOTVBcmJCdm1kOW9QL2hKMkRECkd1OUNmM3VzUTl2Qk1GYjJ4eXRKb2tBY1c0ME50UmgyOEhYaTRLZUFBcTIwQVF0dnVLQzd3L0Uvbkt5bmlPM08Kb3lOcEh5KzlZYW1aSDJCRi9CK0xiM2RibkZPNFVCc3JoSk5tTFhkMFBtTmNhRC9NMjJxMzlHdWRnRGNheHZFZwpTaVFRVURNTG1rb3llQUNkRzNaVnVSSlRNZGZscHI3djlocVJETVcxUlJKMEYzWWdjNmN3b0lodGdraEZHZWFtClQ5RHpaSkJyQWdNQkFBRUNnZ0VCQUpwY3lvN2t6akNESHMweEs4QXBQb29aL29lOTg5dFVPUEsxcnVxaHhLZkcKeUsxQTk2V3d3UUIyRkVSMEtvTTZkaWUvdGVzcnFRM3dyd2xVMzIwUzRsTFVJaERiaE5tUzA5dHhGK2dqQ21MOQpTZXNPTGk0QThkTGZsRUFzR1BoRmh5TnNVeVQ2UjQ0OW9vZjZJRGdDZmVVVVg1cEk1KzV5YlV1SmwrV0FCZWNrCkF4aWo1U21TNlpHUnN3L0FIMnUzYWsyTEw0a3lCbTVZd0E4cE5yR3UyTjM2TGJ0djI2aWlQUXdhSlBEeWlPaE0KcW5nUHBKd2s2MHVRb3IrK0xRdUYvN3B3Qm1XOGo3VmRhM3YwZkR6L3hiTXljVE1BRHA2b1pxcFhWRGs4Q0tSYgpiNndCa0ZxbHpwVDc0cTFyYlhrRUJFUjZaTnV5bHhmeWFoQjBGdXZDdnhFQ2dZRUE3N3BCaVcrUEJOeGg1SlBLCjNnM1JGckErYzR3WG0zU1VOTXRIL1JBenVEM01nRGlaRGZXV3FMQVQySlF6VUUwNm03NUZyNzdHa3MwWXQ3WkMKWmxCdko3a3RVSU9oS0ZxMTJqVjYrbWVJV29ka05hdGd1MmZVUGxlaDVwWGhLV1RUUHRUaTkyYWFKUG5PSWQ3UApDQ21PUjBxV1ZmcUk1LzNpaVhZOXNVRm5mVmtDZ1lFQXdBWjBRdENKcGw1SWw0QjVZWS82VXJpOUdLbXQ1MjNzCmJPNWRLRHg1RHYyU3preGZkeU5YN2FnZXBSZ3VrSGpKZ0x2anNTWnlPeEVwaThiQ3d1bTJ1MngyR0p6ektNQmgKVVdrakdTVE5JVkJKUTBhOCs3NVV3bHBJQXhqMFE1RkVMNXVEUm41NFNHN2NnRlpqRmhBTE1qT09vVUFpbk5QagptSkQ2eDFVQjcyTUNnWUVBeFIvQk9FUVZ0SWVMcjZ1Znk0eE0vSDBjUFdOYkhpZDBueHp4S3pTaGNzVE9YamtzCkVnQjZUR2ZOU2ZCRGFhcTNvTTJLL0FMQndvRUg3RGpnek1ValFlVFJVRDJNeldRWjJUN1V5d2RMWmpXaXYwY1gKR2NNOUVhNTVvT1JwNitIT213SHZTRVNFU0JkcDJ3d2Q3YlpPR20xSXhaWm44V3doVmF0MiswU3UxckVDZ1lBeApNZlliSC80RDUyZkZtSjZBUmppbGRMck5WTHMrN1VTQzY5Wmw5b2cxTlBXbGNKK01rRHQ0b1hlb2FEZVZ2N3d3CkJQTGljYTBXUU9GWjlBUDFsNWEvRVp4MzFjM2VCTnRwMWZ1dDkyV3VRVGxqeVAybHFTOWgwMnRiajhzVWZHVHgKcFcvT1laeERRbE92ZFhKUk5xOEhuM25OQ2ZkVUlsek91MlhrSjMwbGJRS0JnUUROZlV1THB5V1B2cGh0SHhTMwpaek9tbHRwM2pkNHVSQkJ6b25KZWNKSFF5N3lpY3VleFlib0RUTjRmaG5aTExoL0dCT05iOXBXK2ZLTVVkeDIxCjh0anJiZUdHengyOHNBMFBHWTMxZlA0aC9xNmY2QXdCVllUa1pkeHNJTmE4WS9EcUxYNmt5Z0VLSXliMGZLQnIKS09ldUlZYTN2cUdGUndSWXU1NTNsMmtqRHc9PQotLS0tLUVORCBQUklWQVRFIEtFWS0tLS0tCg=="
responses:
"200":
description: Certificate successfully signed
content:
application/json:
schema:
- $ref: '#/components/schemas/CertificationModel'
+ $ref: '#/components/schemas/CertificationResponseModel'
"400":
description: Given CSR or/and PK is incorrect
content:
@@ -82,7 +153,7 @@ paths:
schema:
$ref: '#/components/schemas/ErrorResponseModel'
"500":
- description: Something went wrong during connectiion to CMPv2 server
+ description: Something went wrong during connection to CMPv2 server
content:
application/json:
schema:
@@ -147,7 +218,7 @@ components:
errorMessage:
type: string
example: "Internal server error"
- CertificationModel:
+ CertificationResponseModel:
type: object
properties:
certificateChain: