Overview
    Alice & Bob
    Sending
    Receiving
    Identity
    Encryption
Technology
    Identity CA
    MTA Identity
    MTA Transport
Changes
Glossary

Certificate Authority Issuing Identites

Main Endpoints of the Identity CA
Main Endpoints of the Identity CA
The identity CA's API consists of four main endpoints that support the following use cases:

  1. Obtain a certificate
  2. Revoke a certificate
  3. Fetch the CRL
  4. Fetch the revocation state of a particular certificate
Obtaining an identity certificate

URL: example.com/ca/identity/{totp}
Protocol: HTTPS
Method: POST
Consumes: text/plain, application/xml, application/json
Produces: text/plain, application/xml, application/json
Authentication: none
Status Codes: 200, 400, 401, 403, 500, 502

Input: PEM encoded certificate signing request
Output: PEM encoded certificate chain
Error: HttpStatus object
Revoking an identity certificate

URL: example.com/ca/revoked
Protocol: HTTPS
Method: POST
Consumes: N/A
Produces: text/plain, application/xml, application/json
Authentication: Mutual authentication with the identity certificate that is supposed to be revoked
Status Codes: 200, 400, 401, 403, 500, 502

Input: None
Output: boolean value (true/false)
Error: HttpStatus object
Fetch the certificate revocation list

URL: example.com/ca/crl
Protocol: HTTP
Method: GET
Consumes: N/A
Produces: application/pkix-crl
Authentication: none
Status Codes: 200, 500

Input: None
Output: DER encoded certificate revocation list
Error: HttpStatus object
Fetch the revocation state of a particular certificate

URL: example.com/ca/revocationstate/{serialNumber}
Protocol: HTTPS
Method: GET
Consumes: N/A
Produces: text/plain, application/xml, application/json
Authentication: None
Status Codes: 200, 400, 404, 500

Input: None
Output: boolean value (true/false)
Error: HttpStatus object