Entrust
Entrust Request Objects
| Name | Description |
|---|---|
| certificateAuthority | (Mandatory) Name of the certificate authority that
issues the certificate. Type: String Constraint: The value should be Entrust. |
| isAutoRenewal | (Optional) Determines whether the certificate will
be renewed before its expiration date. If enabled (true), renewal is
initiated before the expiry date, following the specified number of
days in "renewBefore." Type: Boolean Constraint: The value should be disabled (false) if autoRegenerateEnabled is true. |
| renewBefore | (Optional) Specifies the number of days prior to
expiration when the renewal request should be
triggered. Type: Integer Constraint: The value must be provided if isAutoRenewal is true. |
| autoRegenerateEnabled | (Optional) Determines whether the certificate will
be regenerated before its expiration date, as indicated by the
"regenerateBeforeInDays" field. If enabled (true), regeneration
occurs before expiry, according to the specified number of days in
"regenerateBeforeInDays." Type: Boolean Constraint: The value should be disabled (false) if isAutoRenewal is true. |
| regenerateBeforeInDays | (Optional) Specifies the number of days prior to
expiration when the regenerate request should be
triggered. Type: Integer |
| caSettingName | (Mandatory) Name of the CASetting created in
AppViewX for the chosen certificate authority. Type: String |
| divisionId | (Mandatory) Entrust division id. Type: String |
| certificateType | (Mandatory) Name of the certificate product offered
by the certificate authority. Type: String |
| description | (Optional) Information about the
certificate. Type: String |
| csrParameters | (Optional) Parameters required for generating a
CSR. Type: Entrust CSR Parameters |
| genericFields | (Optional) Custom fields configured for the
CA/customer. Type: Entrust genericFields |
| vendorSpecificDetails | (Optional) Data specific to the Entrust vendor. |
| validityUnitValue | (Mandatory) Specifies the number of days, months, or
years of validity for the CA based on the value in the
"validityUnit." For example, if the expected validity is 1 year and
"validityUnit" is months, then the "validityUnitValue" should be
12. Type: Integer Constraint: If the validityUnit is not provided, then the validityUnitValue must be provided in days. |
| validityInDays | (Optional) Specifies the validity in
days. Type: Integer |
| validityUnit | (Optional) Specifies the unit in which the
"validityUnitValue" is specified. Type: Integer Constraint: Possible values are days, months, or years. |
| customAttributes | (Optional) Custom fields configured for Entrust, such as email1. |
| email1
|
(Optional) The field "email1" is given as an
example. Multiple custom attributes could be
configured. Type: String |
| name | (Optional) Name for the CA connector. Type: String |
| Name | Description |
|---|---|
| commonName | (Mandatory) A fully qualified domain name (FQDN) of
the server for which certificate is requested. Type: String Constraint: It must be compliant with the common name specified in the policy, if the policy is set as ‘Strict.’ |
| organization | (Optional) Legal name of the
organization. Type: String Constraint: Default value - the value configured in the policy. |
| organizationUnit | (Optional) Division or department of the
organization handling the certificate. Type: String Constraint: Default value - the value configured in the policy. |
| streetAddress | (Optional) Street name where the organization is
located. Type: String |
| locality | (Optional) City where the organization is located.
The value should not be abbreviated. Type: String Constraint: Default value - the value configured in the policy. |
| state | (Optional) State or region where the organization is
located. The value should not be abbreviated. Type: String Constraint: Default value - the value configured in the policy. |
| country | (Optional) A two-letter code for the country where
the organization is located. Type: String Constraint: Default value - the value configured in the policy. |
| mailAddress | (Optional) Email address of the
organization. Type: String |
| hashFunction | (Optional) The hash function to be used in the
Certificate, e.g. SHA160. It should be chosen from the possible
values configured in the certificate policy. Type: String Constraint: Default value - the first value will be chosen from the policy. |
| keyType | (Optional) The algorithm to be used for key
generation, e.g. RSA, DSA, or EC. It should be chosen from the
possible values configured in the certificate policy. Type: String Constraint: Default value - the first value will be chosen from the policy. |
| bitLength | (Optional) The bit length for the key is dependent
on the key type chosen. It should be chosen from the possible values
configured in the certificate policy. Type: String Constraint: Default value - the first value will be chosen from the policy |
| certificateCategories | (Mandatory) Purpose or intended use of the generated
certificate Type: Array of string Possible value: Server, Client, Code Signing, and Email Recommendation: Assign only one of the possible values as the input. For example, if intended certificate category is client, set this parameter to Client. |
| ellipticCurve | (Optional) If the keyType chosen is EC, then the
ellipticCurve must be specified depending on the bit length
selected. It should be chosen from the possible values configured in
the certificate policy. Type: String Constraint: Default value - the first value will be chosen from the policy |
| enhancedSANTypes | (Optional) The subject alternative names (SAN) for the certificate. The sub-parameters are dNSNames, iPAddresses, and uniformResourceIdentifiers. |
| dNSNames
|
(Optional) List of subject alternative names for the
certificate. Type: Array of String |
| iPAddresses
|
(Optional) List of IP address to be considered as
subject alternative names. Type: Array of String |
| uniformResourceIdentifiers
|
(Optional) List of URIs to be considered as subject
alternative names. Type: Array of String |
| Name | Description |
|---|---|
| device_name_<certificateAuthority> | (Optional) Server device name for which certificate is
requested. Type: String Constraint: The <certificateAuthority> has to be replaced with the value provided in the "certificateAuthority" field. |
| vs_ip_<certificateAuthority> | (Optional) Server IP address for which certificate is requested.
Type: String Constraint: The <certificateAuthority> has to be replaced with the value provided in the "certificateAuthority" field. |
| Name | Description |
|---|---|
| additionalEmails | (Optional) Additional emailID to be associated with the
request. Type: String Constraint: It should be a valid email address. |
Sample Request/Response
{
"csrGenerationSource": "appviewx",
"caConnectorInfo": {
"certificateAuthority": "Entrust",
"isAutoRenewal": "true",
"renewBefore": "30",
"autoRegenerateEnabled": false,
"caSettingName": "Entrust",
"certificateType": "Standard",
"description": "",
"csrParameters": {
"commonName": "testcert.testdomain.com",
"mailAddress": "[email protected]",
"hashFunction": "SHA256",
"keyType": "RSA",
"bitLength": "2048",
"certificateCategories": ["Server"],
"ellipticCurve": "",
"enhancedSANTypes": {
"dNSNames": [],
"iPAddresses": [],
"uniformResourceIdentifiers": []
}
},
"genericFields": {
"device_name_Entrust": "test_device",
"vs_ip_Entrust": "xxx.xxx.xxx.xxx"
},
"vendorSpecificDetails": {
"additionalEmails": "[email protected]"
},
"customAttributes": {
"email1": "[email protected]",
"text2": "ID12345",
"dropdown1": "Server Cert",
"number1": "1",
"date1": 1598985000000
},
"validityInDays": 90
},
"certificateGroup": {
"name": "Default"
}{
"response": {
"resourceId": "5f4fcb1770040d33314f11f0",
"requestId": "184"
},
"message": "Certificate submission triggered successfully.",
"appStatusCode": null,
"tags": {},
"headers": null
}