POST – Generate CSR
Use the POST method to generate a certificate signing request.
Request URL
GET https://<BMC_IPADDR>/redfish/v1/CertificateService/Actions/CertificateService.GenerateCSR
Request body
Field | Type | Description | |
|---|---|---|---|
CertificateCollection | Object | Required. The link to the certificate collection where the certificate is installed after the certificate authority (CA) signs the certificate. | |
@odata.id | Link | Required. Allowable value: “/redfish/v1/Managers/1/NetworkProtocol/HTTPS/Certificates” | |
Country | String | Required. The two-letter country code of the organization making the request. | |
City | String | Required. The city or locality of the organization making the request. | |
CommonName | String | Required. The fully qualified domain name of the component to secure. | |
State | String | Required. The state, province, or region of the organization making the request. | |
Organization | String | Required. The name of the organization making the request. | |
AlternativeNames | Array | Optional. The additional host names of the component to secure. | |
AlternativeNames[N] | String | The additional host names of the component to secure. | |
KeyUsage | Array | Optional. The usage of the key contained in the certificate. | |
KeyUsage[N] | String | Any of “DigitalSignature”, “NonRepudiation” or “KeyEncipherment”. | |
ChallengePassword | String | Optional. The challenge password to apply to the certificate for revocation requests. | |
ContactPerson | String | Optional. The name of the user making the request. | |
String | Optional. The email address of the contact within the organization making the request. | ||
GivenName | String | Optional. The given name of the user making the request. | |
Initials | String | Optional. The initials of the user making the request. | |
KeyCurveId | String | Optional. The curve ID to use with the key, if needed based on the KeyPairAlgorithm parameter value. | |
KeyPairAlgorithm | String | Optional. The type of key-pair for use with signing algorithms. | |
OrganizationalUnit | String | Optional. The name of the unit or division of the organization making the request. | |
Surname | String | Optional. The surname of the user making the request. | |
UnstructuredName | String | Optional. The unstructured name of the subject. | |
Response body
| Field | Type | Description |
|---|---|---|
CSRString | String | The string for the certificate signing request. |
CertificateCollection | Link | The link to the certificate collection where the certificate is installed. |
Status code
| HTTP Status Code | Error Message ID |
|---|---|
| 400 | BadRequest, ActionParamMissing , ActionParamTypeError , ActionParamFormatError |
| 500 | InternalError |
Example
The POST body is filled as below:
{
"CertificateCollection": {
"@odata.id": "/redfish/v1/Managers/1/NetworkProtocol/HTTPS/Certificates"
},
"Country": "CN",
"City": "SH",
"CommonName": "XCC-7Z60-SN",
"State": "SH",
"Organization": "Lenovo"
}
The following example JSON response is returned.
{
"CertificateCollection": {
"@odata.id": "/redfish/v1/Managers/1/NetworkProtocol/HTTPS/Certificates"
},
"CSRString": "-----BEGIN CERTIFICATE REQUEST-----\nMIICFDCCAZsCAQAwTjELMAkGA1UEBhMCQ04xCzAJBgNVBAgMAlNIMQswCQYDVQQHDAJTSDEPMA0GA1UECgwGTGVub3ZvMRQwEgYDVQQDDAtYQ0MtN1o2MC1TTjB2MBAGByqGSM49AgEGBSuBBAAiA2IABORbulFysxyzVYaYLy4qcULlJS3fWWLPdRimFsIlrrtdoRsrDEV2B7ChQRdpvNpDr3YFVySIlIPIRUNn1wRob9vSiTb2huXBB2sP5mUh1i5voUVwohSAd5mLSOgLKAj70aCBzTCBygYJKoZIhvcNAQkOMYG8MIG5MAkGA1UdEwQCMAAwCwYDVR0PBAQDAgXgMIGeBgNVHREEgZYwgZOCC1hDQy03WjYwLVNOhxD+gAAAAAAAAAqU7//+q5mzgilmZTgwLS1hOTQtZWZmZi1mZWFiLTk5YjMuaXB2Ni1saXRlcmFsLm5ldIcECmjFSIcQ/oAAAAAAAAAKlO///quZtIIpZmU4MC0tYTk0LWVmZmYtZmVhYi05OWI0LmlwdjYtbGl0ZXJhbC5uZXSHBKn+X3YwCgYIKoZIzj0EAwIDZwAwZAIwdCdbejk+ai7nKL6gz7IE2jHTXuxOGzqioC10lQOqQAtOp4fhcM/4Gt4+w1HfxnrEAjBzIoYSls0iLYxb0jGIJVcBg9liBOqTbYHXPSK5WaawdKnTo6OC+jPUJr2Z5PPDB5Q=\n-----END CERTIFICATE REQUEST-----"
}