Skip to main content

Enroll or provision a certificate

POST 

/vedsdk/certificates/Request

Enrolls or provisions a new certificate.

If the certificate already exists, the current certificate archives to the History tab and the CA receives a new certificate request.

Based on Policy tree settings, you can use a single Certificates/Request call to enroll or provision. The same request can also:

  • Create one or more devices that will use the same certificate.
  • Allow one or more applications that run on a device to use the same certificate.
  • Create a certificate for an elastic instance. After the instance terminates, a tool, such as an Instance Watcher, can automatically clean up the certificate(and associated objects).
  • Set Custom Field values on a Certificate object. After a successful enrollment or provision, the certificate appears in the Policy folder.However, if the issuing CA overrode values in the CSR, for example Organization Unit(OU), some fields may be empty.

NOTE: Unless the WorkToDoTimeout parameter is specified, this method will immediately return. If you want to wait for the certificate to be issued and returned in the response, specify how long you are willing to wait via WorkToDoTimeout.

Result code:

  • 200 will be returned if the certificate request was accepted and the WorkToDoTimeout was not set.
  • 200 will be returned if the WorkToDoTimeout was set and the certificate is included in the response.
  • 202 will be returned if the certificate issuance is still pending. In this case, use the /certificate/retrieve endpoint to obtain the certificate after it is issued.

Required scope: certificate:manage

Request

Responses

The certificate request was accepted and the WorkToDoTimeout was not set, OR WorkToDoTimeout was set and the certificate is included in the response.