EJBCA Request Objects
EJBCA caConnectorInfo
| Name | Mandatory | Description | Field Type | Constraints |
|---|---|---|---|---|
certificateAuthority
|
Yes | Name of the certificateAuthority that will issue the
certificate. |
String
|
Value should be Ejbca. |
isAutoRenewal
|
No | If enabled, renewal will be triggered before expiry based on
renewBefore days. |
Boolean
|
Should be disabled if autoRegenerateEnabled is
true. |
renewBefore
|
No | Specifies the no of days prior to expiry for triggering the renewal request. |
Integer
|
Value must be provided if isAutoRenewal is
true.
|
autoRegenerateEnabled
|
No | If enabled, renewal will be triggered before expiry based on
renewBefore days. |
Boolean
|
Should be disabled if isAutoRenewal is
true. |
regenerateBeforeInDays
|
No | Specifies the no of days prior to expiry for triggering the regenerate request. |
Integer
|
Value must be provided if autoRegenerateEnabled is
true. |
caSettingName
|
Yes | Name of the CASetting that has been created in
AppViewX for the chosen Certificate Authority. |
String
|
Prerequisite - End entity profiles should have been fetched and updated in the specified CA setting. |
description
|
No | Note about the certificate. |
String
|
NA |
csrParameters
|
Yes | Parameters that are necessary for generating the CSR. |
EJBCA csrParameters
|
NA |
genericFields
|
No | Custom fields configured for the CA/Customer. |
genericFields
|
NA |
vendorSpecificDetails
|
Yes | Details specific to the EJBCA vendor. |
EJBCA vendorSpecificDetails
|
NA |
customAttributes
|
No | Custom fields configured for EJBCA |
EJBCA customAttributes
|
NA |
name
|
No | Specifies the name for the caConnector |
String
|
NA |
EJBCA csrParameters| Name | Mandatory | Description | Field Type | Constraints |
|---|---|---|---|---|
commonName
|
Yes | Fully qualified domain name (FQDN) of the server for which certificate is requested. |
String
|
Must be compliant with the common name specified in the policy, if the policy is set as ‘Strict’. |
organization
|
No | Legal name of the organization. |
String
|
Default value - Value configured in the policy. |
organizationUnit
|
No | Division or department of the organization handling the certificate. |
String
|
Default value - Value configured in the policy. |
locality
|
No |
City where the organization is located. This shouldn't be abbreviated. |
String
|
Default value - Value configured in the policy. |
state
|
No | State or region where the organization is located.This shouldn't be abbreviated. |
String
|
Default value - Value configured in the policy. |
country
|
No | The two-letter code for the country where your organization is located. |
String
|
Default value - Value configured in the policy. |
mailAddress
|
No | Email address of the organization. |
String
|
Default value - Value configured in the policy. |
hashFunction
|
No |
Hash function to be used in the Certificate. For example, SHA160. Should be chosen from the possible values configured in the Certificate Policy. |
String
|
Default value - the first value will be chosen from the policy |
keyType
|
No | Algorithm to be used for Key generation. For example, RSA, DSA, EC. Should be chosen from the possible values configured in the Certificate Policy. |
String
|
Default value - the first value will be chosen from the policy |
bitLength
|
No | Bit length for the key is dependent on the key type chosen. Should be chosen from the possible values configured in the Certificate Policy. |
String
|
Default value - the first value will be chosen from the policy |
certificateCategories
|
Yes | Purpose for which the generated certificate will be used. |
Array
|
Possible values - Server, Client, Code Signing, Email. |
ellipticCurve
|
No | If the keyType chosen is EC, then the
ellipticCurve must be specified depending on the
bitlength selected. Should be chosen from the possible values
configured in the Certificate Policy. |
String
|
Default value - the first value will be chosen from the policy. |
enhancedSANTypes
|
No | Subject alternative names for the certificate. |
EJBCA enhancedSANTypes
|
Value provided must be compliant with the Certificate Policy, if the policy is configured as Strict. |
EJBCA
vendorSpecificDetails| Name | Mandatory | Description | Field Type | Constraints |
|---|---|---|---|---|
userName
|
No | User name configured at EJBCA end. |
String
|
NA |
endEntityProfileName
|
Yes | Name of the end entity profile configured at CA end. |
String
|
NA |
issuerCommonName
|
Yes | Common name of the Issuer configured at CA end. |
String
|
NA |
certificateProfileName
|
Yes | Name of the Certificate profile chosen from the certificate profiles
available for the selected endEntityProfile. |
String
|
NA |
EJBCA customAttributes
| Name | Mandatory | Description | Field Type | Constraints |
|---|---|---|---|---|
postalCode
|
No |
postalCode is given as an example. This could be any
customAttribute configured for EJBCA by the customer. |
String
|
NA |
EJBCA enhancedSANTypes
| Name | Mandatory | Description | Field Type | Constraints |
|---|---|---|---|---|
dNSNames
|
No | List of Subject Alternative names for the Certificate. | Array of String |
Should be a valid domain name. |
rfc822Names
|
No | Email addresses to be considered as Subject Alternative Names. | Array of Sting |
Must be valid email addresses. |
iPAddresses
|
No | IP addresses to be considered as Subject Alternative Names. | Array of Sting |
Must be valid ip addresses. |
uniformResourceIdentifiers
|
No | URIs to be considered as Subject Alternative Names. | Array of String |
NA |