更新时间:2024-02-28 GMT+08:00
分享

验证设备CA证书

功能介绍

应用服务器可调用此接口在物联网平台验证设备的CA证书,目的是为了验证用户持有设备CA证书的私钥

调用方法

请参见如何调用API

URI

POST /v5/iot/{project_id}/certificates/{certificate_id}/action

表1 路径参数

参数

是否必选

参数类型

描述

project_id

String

项目ID。获取方法请参见 获取项目ID

certificate_id

String

设备CA证书ID,在上传设备CA证书时由平台分配的唯一标识。

最小长度:1

最大长度:36

表2 Query参数

参数

是否必选

参数类型

描述

action_id

String

对证书执行的操作,当前仅支持verify:校验证书

请求参数

表3 请求Header参数

参数

是否必选

参数类型

描述

X-Auth-Token

String

用户Token。通过调用IAM服务 获取IAM用户Token接口获取,接口返回的响应消息头中“X-Subject-Token”就是需要获取的用户Token。简要的获取方法样例请参见 Token认证。。

Instance-Id

String

实例ID。物理多租下各实例的唯一标识,建议携带该参数,在使用专业版时必须携带该参数。您可以在IoTDA管理控制台界面,选择左侧导航栏“总览”页签查看当前实例的ID,具体获取方式请参考查看实例详情

表4 请求Body参数

参数

是否必选

参数类型

描述

verify_content

String

验证证书的内容信息。

最小长度:1

最大长度:65535

响应参数

请求示例

验证设备CA证书。

POST https://{endpoint}/v5/iot/{project_id}/certificates/{certificate_id}/action

{
  "verify_content" : "-----BEGIN CERTIFICATE-----\nMIIDnzCCAocCCQCs5+qyyItl5TANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMC\nQ04xETAPBgNVBAgMCEd1YW5kb25nMREwDwYDVQQHDAhTaGVuemhlbjEPMA0GA1UE\nCgwGSHVhd2VpMQwwCgYDVQQLDANpb3QxEjAQBgNVBAMMCTEyMzQ1Njc4OTEaMBgG\nCSqGSIb3DQEJARYLZGprYUBxcS5jb20wHhcNMTkxMjE5MTMyMTM3WhcNMjEwNTAy\nMTMyMTM3WjCBnzELMAkGA1UEBhMCQ04xEjAQBgNVBAgMCUd1YW5nZG9uZzERMA8G\nA1UEBwwIU2hlbnpoZW4xDzANBgNVBAoMBm9yaWdpbjENMAsGA1UECwwEdW5pdDEt\nMCsGA1UEAwwkMmM4YjU5MDUtYjM0YS00YjY0LTgxMTItZjZjMDQ3YWUwNjVjMRow\nGAYJKoZIhvcNAQkBFgtqbGtqQHFxLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP\nADCCAQoCggEBAM72QUzoadvLfxGjt3UFoZ4MJbblqnRbouO4KpOVHBXyS2yQVl4C\nWWMhLh4pp2efNUSqKuXHjY3r68PquyNnYk8zO59zVc7JHvjGkBvo7DgPRAhEKPLJ\nIpRzkmlCBbxwTNCjc3FovGb/sHHNlpGncCKUzMfPGNZuBiuemskuEXL/eMHxDPbX\nYWn4Wq0wt+28PKUL5jybY7nsXSNnmAPFTO0CAmq0meUukubT/jHDCQ78ihQ/iqw1\nRNq88aCqRleoHiGg5nWkjL+05GXqUrqVVnZNL+YqcXzuVMs5XgyhNM2AsuH2g3D8\nZuF6Dj9qY1n/v/Cp/DGpxP3A74SlplnFD/0CAwEAATANBgkqhkiG9w0BAQsFAAOC\nAQEAh1SF1Z/p8nT7k8868lLNBZrIcErMlkFdghn2HRYyw5iilDXL28lJEBax2X1M\nNl2fD/rov9gwxhyrBZD2YkevL8k+DXcVpVEoozwpUR3p79YEyT0E3jI67G/EiB2h\n+o7+deDlH7d7Li/ZOSQC6JTSLshBhi+B8CQmYYt6YCjN7Rswbf1Z8bsQNrcsxW36\nZM3uG3i9GrEktypTNXMRUbG5gngaFKbRGGUPWNYdNXQeXUW9cpj8HAyndESEwAYz\ntLKHdnM874P8ZAmRkijZoToOCMcT0s8l8SoYUR7iWI0E08KYzAPgLX9Xvw42GCEF\nb2TJfnOIwhu8gFf7cwlCGC+gRA==\n-----END CERTIFICATE-----"
}

响应示例

SDK代码示例

SDK代码示例如下。

Java

验证设备CA证书。

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
package com.huaweicloud.sdk.test;

import com.huaweicloud.sdk.core.auth.ICredential;
import com.huaweicloud.sdk.core.auth.AbstractCredentials;
import com.huaweicloud.sdk.core.auth.BasicCredentials;
import com.huaweicloud.sdk.core.exception.ConnectionException;
import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
import com.huaweicloud.sdk.core.exception.ServiceResponseException;
import com.huaweicloud.sdk.iotda.v5.region.IoTDARegion;
import com.huaweicloud.sdk.iotda.v5.*;
import com.huaweicloud.sdk.iotda.v5.model.*;


public class CheckCertificateSolution {

    public static void main(String[] args) {
        // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        String ak = System.getenv("CLOUD_SDK_AK");
        String sk = System.getenv("CLOUD_SDK_SK");

        ICredential auth = new BasicCredentials()
                .withDerivedPredicate(AbstractCredentials.DEFAULT_DERIVED_PREDICATE) // Used in derivative ak/sk authentication scenarios
                .withAk(ak)
                .withSk(sk);

        IoTDAClient client = IoTDAClient.newBuilder()
                .withCredential(auth)
                .withRegion(IoTDARegion.valueOf("<YOUR REGION>"))
                .build();
        CheckCertificateRequest request = new CheckCertificateRequest();
        request.withActionId("<action_id>");
        VerifyCertificateDTO body = new VerifyCertificateDTO();
        body.withVerifyContent("-----BEGIN CERTIFICATE-----
MIIDnzCCAocCCQCs5+qyyItl5TANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMC
Q04xETAPBgNVBAgMCEd1YW5kb25nMREwDwYDVQQHDAhTaGVuemhlbjEPMA0GA1UE
CgwGSHVhd2VpMQwwCgYDVQQLDANpb3QxEjAQBgNVBAMMCTEyMzQ1Njc4OTEaMBgG
CSqGSIb3DQEJARYLZGprYUBxcS5jb20wHhcNMTkxMjE5MTMyMTM3WhcNMjEwNTAy
MTMyMTM3WjCBnzELMAkGA1UEBhMCQ04xEjAQBgNVBAgMCUd1YW5nZG9uZzERMA8G
A1UEBwwIU2hlbnpoZW4xDzANBgNVBAoMBm9yaWdpbjENMAsGA1UECwwEdW5pdDEt
MCsGA1UEAwwkMmM4YjU5MDUtYjM0YS00YjY0LTgxMTItZjZjMDQ3YWUwNjVjMRow
GAYJKoZIhvcNAQkBFgtqbGtqQHFxLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAM72QUzoadvLfxGjt3UFoZ4MJbblqnRbouO4KpOVHBXyS2yQVl4C
WWMhLh4pp2efNUSqKuXHjY3r68PquyNnYk8zO59zVc7JHvjGkBvo7DgPRAhEKPLJ
IpRzkmlCBbxwTNCjc3FovGb/sHHNlpGncCKUzMfPGNZuBiuemskuEXL/eMHxDPbX
YWn4Wq0wt+28PKUL5jybY7nsXSNnmAPFTO0CAmq0meUukubT/jHDCQ78ihQ/iqw1
RNq88aCqRleoHiGg5nWkjL+05GXqUrqVVnZNL+YqcXzuVMs5XgyhNM2AsuH2g3D8
ZuF6Dj9qY1n/v/Cp/DGpxP3A74SlplnFD/0CAwEAATANBgkqhkiG9w0BAQsFAAOC
AQEAh1SF1Z/p8nT7k8868lLNBZrIcErMlkFdghn2HRYyw5iilDXL28lJEBax2X1M
Nl2fD/rov9gwxhyrBZD2YkevL8k+DXcVpVEoozwpUR3p79YEyT0E3jI67G/EiB2h
+o7+deDlH7d7Li/ZOSQC6JTSLshBhi+B8CQmYYt6YCjN7Rswbf1Z8bsQNrcsxW36
ZM3uG3i9GrEktypTNXMRUbG5gngaFKbRGGUPWNYdNXQeXUW9cpj8HAyndESEwAYz
tLKHdnM874P8ZAmRkijZoToOCMcT0s8l8SoYUR7iWI0E08KYzAPgLX9Xvw42GCEF
b2TJfnOIwhu8gFf7cwlCGC+gRA==
-----END CERTIFICATE-----");
        request.withBody(body);
        try {
            CheckCertificateResponse response = client.checkCertificate(request);
            System.out.println(response.toString());
        } catch (ConnectionException e) {
            e.printStackTrace();
        } catch (RequestTimeoutException e) {
            e.printStackTrace();
        } catch (ServiceResponseException e) {
            e.printStackTrace();
            System.out.println(e.getHttpStatusCode());
            System.out.println(e.getRequestId());
            System.out.println(e.getErrorCode());
            System.out.println(e.getErrorMsg());
        }
    }
}

Python

验证设备CA证书。

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
# coding: utf-8

from huaweicloudsdkcore.auth.credentials import BasicCredentials
from huaweicloudsdkcore.auth.credentials import DerivedCredentials
from huaweicloudsdkiotda.v5.region.iotda_region import IoTDARegion
from huaweicloudsdkcore.exceptions import exceptions
from huaweicloudsdkiotda.v5 import *

if __name__ == "__main__":
    # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak = __import__('os').getenv("CLOUD_SDK_AK")
    sk = __import__('os').getenv("CLOUD_SDK_SK")

    credentials = BasicCredentials(ak, sk) \
            .with_derived_predicate(DerivedCredentials.get_default_derived_predicate()) \

    client = IoTDAClient.new_builder() \
        .with_credentials(credentials) \
        .with_region(IoTDARegion.value_of("<YOUR REGION>")) \
        .build()

    try:
        request = CheckCertificateRequest()
        request.action_id = "<action_id>"
        request.body = VerifyCertificateDTO(
            verify_content="-----BEGIN CERTIFICATE-----
MIIDnzCCAocCCQCs5+qyyItl5TANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMC
Q04xETAPBgNVBAgMCEd1YW5kb25nMREwDwYDVQQHDAhTaGVuemhlbjEPMA0GA1UE
CgwGSHVhd2VpMQwwCgYDVQQLDANpb3QxEjAQBgNVBAMMCTEyMzQ1Njc4OTEaMBgG
CSqGSIb3DQEJARYLZGprYUBxcS5jb20wHhcNMTkxMjE5MTMyMTM3WhcNMjEwNTAy
MTMyMTM3WjCBnzELMAkGA1UEBhMCQ04xEjAQBgNVBAgMCUd1YW5nZG9uZzERMA8G
A1UEBwwIU2hlbnpoZW4xDzANBgNVBAoMBm9yaWdpbjENMAsGA1UECwwEdW5pdDEt
MCsGA1UEAwwkMmM4YjU5MDUtYjM0YS00YjY0LTgxMTItZjZjMDQ3YWUwNjVjMRow
GAYJKoZIhvcNAQkBFgtqbGtqQHFxLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAM72QUzoadvLfxGjt3UFoZ4MJbblqnRbouO4KpOVHBXyS2yQVl4C
WWMhLh4pp2efNUSqKuXHjY3r68PquyNnYk8zO59zVc7JHvjGkBvo7DgPRAhEKPLJ
IpRzkmlCBbxwTNCjc3FovGb/sHHNlpGncCKUzMfPGNZuBiuemskuEXL/eMHxDPbX
YWn4Wq0wt+28PKUL5jybY7nsXSNnmAPFTO0CAmq0meUukubT/jHDCQ78ihQ/iqw1
RNq88aCqRleoHiGg5nWkjL+05GXqUrqVVnZNL+YqcXzuVMs5XgyhNM2AsuH2g3D8
ZuF6Dj9qY1n/v/Cp/DGpxP3A74SlplnFD/0CAwEAATANBgkqhkiG9w0BAQsFAAOC
AQEAh1SF1Z/p8nT7k8868lLNBZrIcErMlkFdghn2HRYyw5iilDXL28lJEBax2X1M
Nl2fD/rov9gwxhyrBZD2YkevL8k+DXcVpVEoozwpUR3p79YEyT0E3jI67G/EiB2h
+o7+deDlH7d7Li/ZOSQC6JTSLshBhi+B8CQmYYt6YCjN7Rswbf1Z8bsQNrcsxW36
ZM3uG3i9GrEktypTNXMRUbG5gngaFKbRGGUPWNYdNXQeXUW9cpj8HAyndESEwAYz
tLKHdnM874P8ZAmRkijZoToOCMcT0s8l8SoYUR7iWI0E08KYzAPgLX9Xvw42GCEF
b2TJfnOIwhu8gFf7cwlCGC+gRA==
-----END CERTIFICATE-----"
        )
        response = client.check_certificate(request)
        print(response)
    except exceptions.ClientRequestException as e:
        print(e.status_code)
        print(e.request_id)
        print(e.error_code)
        print(e.error_msg)

Go

验证设备CA证书。

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
package main

import (
	"fmt"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
    iotda "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/iotda/v5"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/iotda/v5/model"
    region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/iotda/v5/region"
    core_auth "github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth"
)

func main() {
    // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak := os.Getenv("CLOUD_SDK_AK")
    sk := os.Getenv("CLOUD_SDK_SK")

    auth := basic.NewCredentialsBuilder().
        WithAk(ak).
        WithSk(sk).
        WithDerivedPredicate(core_auth.GetDefaultDerivedPredicate()). // Used in derivative ak/sk authentication scenarios
        Build()

    client := iotda.NewIoTDAClient(
        iotda.IoTDAClientBuilder().
            WithRegion(region.ValueOf("<YOUR REGION>")).
            WithCredential(auth).
            Build())

    request := &model.CheckCertificateRequest{}
	request.ActionId = "<action_id>"
	request.Body = &model.VerifyCertificateDto{
		VerifyContent: "-----BEGIN CERTIFICATE-----
MIIDnzCCAocCCQCs5+qyyItl5TANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMC
Q04xETAPBgNVBAgMCEd1YW5kb25nMREwDwYDVQQHDAhTaGVuemhlbjEPMA0GA1UE
CgwGSHVhd2VpMQwwCgYDVQQLDANpb3QxEjAQBgNVBAMMCTEyMzQ1Njc4OTEaMBgG
CSqGSIb3DQEJARYLZGprYUBxcS5jb20wHhcNMTkxMjE5MTMyMTM3WhcNMjEwNTAy
MTMyMTM3WjCBnzELMAkGA1UEBhMCQ04xEjAQBgNVBAgMCUd1YW5nZG9uZzERMA8G
A1UEBwwIU2hlbnpoZW4xDzANBgNVBAoMBm9yaWdpbjENMAsGA1UECwwEdW5pdDEt
MCsGA1UEAwwkMmM4YjU5MDUtYjM0YS00YjY0LTgxMTItZjZjMDQ3YWUwNjVjMRow
GAYJKoZIhvcNAQkBFgtqbGtqQHFxLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAM72QUzoadvLfxGjt3UFoZ4MJbblqnRbouO4KpOVHBXyS2yQVl4C
WWMhLh4pp2efNUSqKuXHjY3r68PquyNnYk8zO59zVc7JHvjGkBvo7DgPRAhEKPLJ
IpRzkmlCBbxwTNCjc3FovGb/sHHNlpGncCKUzMfPGNZuBiuemskuEXL/eMHxDPbX
YWn4Wq0wt+28PKUL5jybY7nsXSNnmAPFTO0CAmq0meUukubT/jHDCQ78ihQ/iqw1
RNq88aCqRleoHiGg5nWkjL+05GXqUrqVVnZNL+YqcXzuVMs5XgyhNM2AsuH2g3D8
ZuF6Dj9qY1n/v/Cp/DGpxP3A74SlplnFD/0CAwEAATANBgkqhkiG9w0BAQsFAAOC
AQEAh1SF1Z/p8nT7k8868lLNBZrIcErMlkFdghn2HRYyw5iilDXL28lJEBax2X1M
Nl2fD/rov9gwxhyrBZD2YkevL8k+DXcVpVEoozwpUR3p79YEyT0E3jI67G/EiB2h
+o7+deDlH7d7Li/ZOSQC6JTSLshBhi+B8CQmYYt6YCjN7Rswbf1Z8bsQNrcsxW36
ZM3uG3i9GrEktypTNXMRUbG5gngaFKbRGGUPWNYdNXQeXUW9cpj8HAyndESEwAYz
tLKHdnM874P8ZAmRkijZoToOCMcT0s8l8SoYUR7iWI0E08KYzAPgLX9Xvw42GCEF
b2TJfnOIwhu8gFf7cwlCGC+gRA==
-----END CERTIFICATE-----",
	}
	response, err := client.CheckCertificate(request)
	if err == nil {
        fmt.Printf("%+v\n", response)
    } else {
        fmt.Println(err)
    }
}

更多

更多编程语言的SDK代码示例,请参见API Explorer的代码示例页签,可生成自动对应的SDK代码示例。

状态码

状态码

描述

200

OK

400

Bad Request

403

Forbidden

404

Not Found

500

Internal Server Error

错误码

请参见错误码

分享:

    相关文档

    相关产品