Obtain the CA Certificate List
Function
This API is used by an application to obtain the CA certificate list on the platform.
Debugging
You can debug this API through automatic authentication in API Explorer or use the SDK sample code generated by API Explorer.
Authorization Information
Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
- If you are using role/policy-based authorization, see Permissions Policies and Supported Actions for details on the required permissions.
- If you are using identity policy-based authorization, the following identity policy-based permissions are required.
Action
Access Level
Resource Type (*: required)
Condition Key
Alias
Dependencies
iotda:certificates:queryList
List
app *
-
-
-
-
g:EnterpriseProjectId
URI
GET /v5/iot/{project_id}/certificates
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
project_id |
Yes |
String |
Project ID. For details about how to obtain the project ID, see Obtaining a Project ID. |
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
app_id |
No |
String |
Resource space ID. This parameter is optional. If you have multiple resource spaces, you can specify this parameter to query certificates in the specified resource space. If this parameter is not carried, certificates in all resource spaces are queried. |
|
limit |
No |
Integer |
Number of records to be displayed on each page. The value is an integer ranging from 1 to 50. The default value is 10. |
|
marker |
No |
String |
ID of the last record in the previous query. The value is returned by the platform during the previous query. Records are queried in descending order of record IDs (the marker value). A newer record will have a larger ID. If marker is specified, only the records whose IDs are smaller than marker are queried. If marker is not specified, the query starts from the record with the largest ID, that is, the latest record. If all data needs to be queried in sequence, this parameter must be filled with the value of marker returned in the last query response each time. |
|
offset |
No |
Integer |
If offset is set to N, the query starts from the N+1 record after the last record in the previous query. The value is an integer ranging from 0 to 500. The default value is 0. If offset is set to 0, the output starts from the first record after the last record in the previous query. To ensure API performance, you can use this parameter together with marker to turn pages. For example, if there are 50 records on each page, you can directly specify offset to jump to the specified page within page 1 and 11. If you want to view records displayed on pages 12 to 22, you need to use the marker value returned on page 11 as the marker value for the next query. |
Request Parameters
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
Instance-Id |
No |
String |
Instance ID. Unique identifier of each instance in the physical multi-tenant scenario. Mandatory for professional editions and recommended in other cases. Log in to the IoTDA console and choose Overview in the navigation pane to view the instance ID. For details, see Viewing Instance Details. |
Response Parameters
Status code: 200
|
Parameter |
Type |
Description |
|---|---|---|
|
certificates |
Array of CertificatesRspDTO objects |
Certificate list. |
|
page |
Page object |
Pagination information of the query results. |
|
Parameter |
Type |
Description |
|---|---|---|
|
certificate_id |
String |
Unique CA certificate ID, allocated by the platform when the certificate is uploaded. |
|
cn_name |
String |
CN of the CA certificate. |
|
owner |
String |
Owner of the CA certificate. |
|
status |
Boolean |
Verification status of the CA certificate. true indicates that the certificate has been verified and can be used for device access authentication. false indicates that the certificate does not pass the verification. |
|
verify_code |
String |
Verification code of the CA certificate. |
|
provision_enable |
Boolean |
Whether to enable the self-registration capability. The options are true (yes) and false (no). If this parameter is set to true, this function must be used together with the pre-provisioning function. |
|
template_id |
String |
ID of the bound pre-provisioning template. |
|
ocsp_enable |
Boolean |
Whether to enable OCSP verification for device certificates issued by the CA certificate. Options: true (enabled) and false (disabled). If this parameter is set to true and the device certificate information contains the OCSP URL, the platform verifies the certificate status. If the certificate status is revoked, the platform rejects the device connection. |
|
ocsp_server_ca_id |
String |
ID of the CA certificate on the OCSP server. This parameter is mandatory only when SSL is enabled on the OCSP server. The platform uses the CA certificate to authenticate the OCSP server. |
|
ocsp_ssl_enable |
Boolean |
Whether SSL encryption is enabled on the OCSP server. If SSL encryption is enabled, the CA certificate of the OCSP server must be configured. |
|
create_date |
String |
Time when the certificate was created. The value is in the format of yyyyMMdd'T'HHmmss'Z', for example, 20151212T121212Z. |
|
effective_date |
String |
Time when the CA certificate starts to take effect. The value is in the format of yyyyMMdd'T'HHmmss'Z', for example, 20151212T121212Z. |
|
expiry_date |
String |
Time when CA certificate expires. The value is in the format of yyyyMMdd'T'HHmmss'Z', for example, 20151212T121212Z. |
Example Requests
Obtains the CA certificate list.
GET https://{endpoint}/v5/iot/{project_id}/certificates
Example Responses
Status code: 200
OK
{
"certificates" : [ {
"certificate_id" : "string",
"cn_name" : "string",
"owner" : "string",
"status" : true,
"verify_code" : "string",
"create_date" : "20191212T121212Z",
"effective_date" : "20191212T121212Z",
"expiry_date" : "20221212T121212Z",
"provision_enable" : true,
"template_id" : "61c970ce2d63eb6ee655dbf0",
"ocsp_enable" : "false,",
"ocsp_server_ca_id" : "60fa667369d4840337930aec",
"ocsp_ssl_enable" : true
} ],
"page" : {
"count" : 100,
"marker" : "5c8f3d2d3df1f10d803adbda"
}
}
Status Codes
|
Status Code |
Description |
|---|---|
|
200 |
OK |
|
400 |
Bad Request |
|
401 |
Unauthorized |
|
403 |
Forbidden |
|
500 |
Internal Server Error |
Error Codes
See Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
