Skip to main content

POST – Generate CSR

Use the POST method to generate a certificate signing request.

Request URL

GET https://<BMC_IPADDR>/redfish/v1/CertificateService/Actions/CertificateService.GenerateCSR

Request body

Field

Type

Description

CertificateCollection

Object

Required. The link to the certificate collection where the certificate is installed after the certificate authority (CA) signs the certificate.

 

@odata.id

Link

Required. Allowable value: “/redfish/v1/Managers/1/NetworkProtocol/HTTPS/Certificates”

Country

String

Required. The two-letter country code of the organization making the request.

City

String

Required. The city or locality of the organization making the request.

CommonName

String

Required. The fully qualified domain name of the component to secure.

State

String

Required. The state, province, or region of the organization making the request.

Organization

String

Required. The name of the organization making the request.

AlternativeNames

Array

Optional. The additional host names of the component to secure.

KeyUsage

Array

Optional. The usage of the key contained in the certificate.

 

KeyUsage[N]

String

Any of “DigitalSignature”, “NonRepudiation” or “KeyEncipherment”.

ChallengePassword

String

Optional. The challenge password to apply to the certificate for revocation requests.

ContactPerson

String

Optional. The name of the user making the request.

Email

String

Optional. The email address of the contact within the organization making the request.

GivenName

String

Optional. The given name of the user making the request.

Initials

String

Optional. The initials of the user making the request.

KeyCurveId

String

Optional. The curve ID to use with the key, if needed based on the KeyPairAlgorithm parameter value.

KeyPairAlgorithm

String

Optional. The type of key-pair for use with signing algorithms.

OrganizationalUnit

String

Optional. The name of the unit or division of the organization making the request.

Surname

String

Optional. The surname of the user making the request.

UnstructuredName

String

Optional. The unstructured name of the subject.

Response body

FieldTypeDescription

CSRString

String

The string for the certificate signing request.

CertificateCollection

Link

The link to the certificate collection where the certificate is installed.

Status code

HTTP Status CodeError Message ID
400BadRequest, ActionParamMissing , ActionParamTypeError , ActionParamFormatError
500InternalError

Example

The POST body is filled as below:

{
"CertificateCollection": {
"@odata.id": "/redfish/v1/Managers/1/NetworkProtocol/HTTPS/Certificates"
},
"Country": "CN",
"City": "SH",
"CommonName": "XCC-7Z60-SN",
"State": "SH",
"Organization": "Lenovo"
}

The following example JSON response is returned.

{
"CertificateCollection": {
"@odata.id": "/redfish/v1/Managers/1/NetworkProtocol/HTTPS/Certificates"
},
"CSRString": "-----BEGIN CERTIFICATE REQUEST-----\nMIICFDCCAZsCAQAwTjELMAkGA1UEBhMCQ04xCzAJBgNVBAgMAlNIMQswCQYDVQQHDAJTSDEPMA0GA1UECgwGTGVub3ZvMRQwEgYDVQQDDAtYQ0MtN1o2MC1TTjB2MBAGByqGSM49AgEGBSuBBAAiA2IABORbulFysxyzVYaYLy4qcULlJS3fWWLPdRimFsIlrrtdoRsrDEV2B7ChQRdpvNpDr3YFVySIlIPIRUNn1wRob9vSiTb2huXBB2sP5mUh1i5voUVwohSAd5mLSOgLKAj70aCBzTCBygYJKoZIhvcNAQkOMYG8MIG5MAkGA1UdEwQCMAAwCwYDVR0PBAQDAgXgMIGeBgNVHREEgZYwgZOCC1hDQy03WjYwLVNOhxD+gAAAAAAAAAqU7//+q5mzgilmZTgwLS1hOTQtZWZmZi1mZWFiLTk5YjMuaXB2Ni1saXRlcmFsLm5ldIcECmjFSIcQ/oAAAAAAAAAKlO///quZtIIpZmU4MC0tYTk0LWVmZmYtZmVhYi05OWI0LmlwdjYtbGl0ZXJhbC5uZXSHBKn+X3YwCgYIKoZIzj0EAwIDZwAwZAIwdCdbejk+ai7nKL6gz7IE2jHTXuxOGzqioC10lQOqQAtOp4fhcM/4Gt4+w1HfxnrEAjBzIoYSls0iLYxb0jGIJVcBg9liBOqTbYHXPSK5WaawdKnTo6OC+jPUJr2Z5PPDB5Q=\n-----END CERTIFICATE REQUEST-----"
}