POST /certificateSigningRequest

Use the POST method to generate a Certificate Signing Request (CSR).

Authentication

Authentication with user name and password is required.

Request URL

POST https://<management_server_IP>/certificateSigningRequest

Query parameters

None

Request body

Attributes Required / Optional Type Description
CommonName Optional String Name of the certificate owner. Typically, this is the fully-qualified domain name (FQDN) or IP address of the server that is using the certificate (for example, www.domainname.com or 10.15.23.99)

The length of this value cannot exceed 63 characters.

The default is LXCA.

Country Optional String Two-letter ISO 3166 code for the country or region of origin associated with the certificate organization (for example, US for the United States)

The default is US.

Organization Optional String Organization (company) that is to own the certificate. Typically, this is the legal incorporate name of a company. It should include any suffixes, such as Ltd., Inc., or Corp (for example, ACME International Ltd.)

The length of this value cannot exceed 60 characters.

The default is generated by the server firmware.

OrganizationUnit Optional String Organizational unit that will own the certificate (for example, ABC Division)

The length of this value cannot exceed 60 characters.

The default is None.

StateLocality Optional String Full name of the locality (city) to be associated with the certificate (for example, San Jose)

The length of the value cannot exceed 50 characters.

The default is Raleigh.

StateProvince Optional String Full name of the state or province to be associated with the certificate (for example, California or New Brunswick)

The length of this value cannot exceed 60 characters.

The default is North Carolina.

subjectAlternativeNames Optional Object Information about the Subject Alternative Names (SANs) to be included in Certificate Signing Requests
  generalNames Required Array of objects List of Subject Alternative Names to be included in Certificate Signing Requests
    name Required String Subject Alternative Name
    type Required String RFC 5280 GeneralName type of this Subject Alternative Name

Request example

{
   "CommonName": "LXCA"
   "Country": "US",
   "Organization": "ACME International Ltd.",
   "OrganizationUnit": "ABC Division",
   "StateLocality": "Raleigh",
   "StateProvince": "North Carolina",
   "subjectAlternativeNames": {
      "generalNames": [{
         "type": "dNSName",
         "name": "New-LXCA"
      },
      {
         "type": "iPAddress",
         "name": "192.0.2.0"
      }]
   }
}

Response codes

Code Description
200 OK. The request completed successfully.
400 Bad request. A descriptive error message will be returned in the body.
404 Not found. The specified URI is not valid. A descriptive error message will be returned in the body.
500 Internal server error. A descriptive error message will be returned in the body.

Response body

Attributes Type Description
response Array  
  path String Identifier that can used to reference the generated CSR on subsequent GET and DELETE requests
result String Results of the request . This can be one of the following values:
  • success. The request completed successfully.
  • failure. The request failed. A descriptive error message was returned.
messages Array Information about one or more messages
  explanation String Additional information to clarify the reason for the message
  id String Message identifier of a returned message
  recovery Array Recovery information
    text String User actions that can be taken to recover from the event
    URL String Link to the help system for more information, if available
  text String Message text associated with the message identifier

Response example

{
    "response": {
        "path": "1"
    },
    "result": "success",
    "messages": [{
        "explanation": "",
        "id": "FQXHMSE0001I",
        "recovery": {
            "text": "Information only; no action is required.",
            "URL": ""
        },
        "text": "The request completed successfully."
    }]
}