Uploaded image for project: 'EJBCA'
  1. EJBCA
  2. ECA-7008

REST endpoint to search for certificates

    Details

    • Type: New Feature
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: EJBCA 6.14.0
    • Fix Version/s: EJBCA 6.14.0
    • Component/s: None
    • Labels:

      Description

      Input: v1/certificate/searchCerts (or findCerts?)
      Parameters:

      • Match with (String)
      • Match value (String)
           (or perhaps a concatenated query object with the two above?)
      • Max results (Integer) Should probably have a hard max limit as well

      Output: JSON list of certificates.

      Have a look at the current implementation is EjbcaWS.findUser() and clues you shall find...

      To test this functionality:

      Make post request on https://localhost:8443/ejbca/ejbca-rest-api/v1/certificate/search

      The structure for search request JSON body is the following:

      {
        "max_number_of_results": 10,
        "criteria": [
          {
            "property": "QUERY",
            "value": "STRING VALUE",
            "operation": "STRING OPERATION" 
          },
          {
            "property": "END_ENTITY_PROFILE",
            "value": "INTEGER VALUE",
            "operation": "EQUAL"
          },
          {
            "property": "CERTIFICATE_PROFILE",
            "value": "INTEGER VALUE",
            "operation": "EQUAL"
          },
          {
            "property": "CA",
            "value": "INTEGER VALUE",
            "operation": "EQUAL"
          },
          {
            "property": "STATUS",
            "value": "STATUS STRING VALUE",
            "operation": "EQUAL"
          },
          {
            "property": "ISSUED_DATE",
            "value": "DATE VALUE", 
            "operation": "DATE OPERATION" 
          },
          {
            "property": "EXPIRE_DATE",
            "value": "DATE VALUE",
            "operation": "DATE OPERATION"
          },
          {
            "property": "REVOCATION_DATE",
            "value": "DATE VALUE",
            "operation": "DATE OPERATION"
          }
        ]
      }
      

      where:
      STRING OPERATION - 'EQUAL' or 'LIKE'
      INTEGER VALUE - Integer identifier of End Entity Profile, Certificate Profile or CA
      STATUS STRING VALUE - One of 'CERT_ACTIVE, 'CERT_REVOKED', 'REVOCATION_REASON_UNSPECIFIED', 'REVOCATION_REASON_KEYCOMPROMISE', 'REVOCATION_REASON_CACOMPROMISE', 'REVOCATION_REASON_AFFILIATIONCHANGED', 'REVOCATION_REASON_SUPERSEDED', 'REVOCATION_REASON_CESSATIONOFOPERATION', 'REVOCATION_REASON_CERTIFICATEHOLD', 'REVOCATION_REASON_REMOVEFROMCRL', 'REVOCATION_REASON_PRIVILEGESWITHDRAWN', 'REVOCATION_REASON_AACOMPROMISE'
      DATE VALUE - ISO 8601 Date string eg. '2018-06-15T14:07:09Z'
      DATE OPERATION - 'BEFORE' or 'AFTER'

      An example of JSON body:

      {
        "max_number_of_results": 10,
        "criteria": [
          {
            "property": "QUERY",
            "value": "Superadmin",
            "operation": "LIKE"
          },
          {
            "property": "END_ENTITY_PROFILE",
            "value": "1652389506",
            "operation": "EQUAL"
          },
          {
            "property": "CERTIFICATE_PROFILE",
            "value": "1652389507",
            "operation": "EQUAL"
          },
          {
            "property": "CA",
            "value": "1652389508",
            "operation": "EQUAL"
          },
          {
            "property": "ISSUED_DATE",
            "value": "2018-06-15T14:07:09Z",
            "operation": "AFTER"
          }
        ]
      }
      

       

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                andrey_helmes Andrey Sergeev
                Reporter:
                hsunmark Henrik Sunmark
                Verified by:
                Henrik Sunmark
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - 3 days Original Estimate - 3 days
                  3d
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 2 weeks, 2 days, 2 hours, 30 minutes
                  2w 2d 2h 30m