V2.0 List Certificate


List the certificates bound to the specified device.


This API is available in EnOS 2.1.0 and above.

Operation Permissions


Before invoking this API, ensure that the service account has been authorized the policy that includes the following service(s) and action permission(s). For how to authorize the service account, see Managing Service Accounts.


Required Service

Required Operation Permission

Certificate

Read

Request Format

GET https://{apigw-address}/connect-service/v2.0/certificates?action=list

Request Parameters (URI)

Note

Use one of the following methods to specify the device:

  • Include assetId in the request

  • Include productKey + deviceKey in the request

Request Parameters (URI)

Name

Location (Path/Query)

Mandatory/Optional

Data Type

Description

orgId

Query

Mandatory

String

The organization ID which the asset belongs to. How to get Organization ID>>

assetId

Query

Optional (See Note above)

String

The asset ID. How to get assetId>>

productKey

Query

Optional (See Note above)

String

The product key. To be used with deviceKey .

deviceKey

Query

Optional (See Note above)

String

The device key. To be used with productKey .

Response Parameters

Response Parameters

Name

Data Type

Description

data

Array of DeviceCertDetailInfo Structs

A list of the certificates returned. For most cases, only one certificate will be returned. If the asset has multiple certificates, only one is valid. For details of a DeviceCertDetailInfo Struct, see the table below.

DeviceCertDetailInfo Struct

DeviceCertDetailInfo Object

Name

Data Type

Description

certSN

String

The certificate number

cert

String

The certificate content.

certStatus

Integer

Certificate Status: - 0: Valid - 1: Revoked - 2: Expired

issuer

String

The information of the certificate authority.

subject

String

The request requestor information.

signDate

Long

The timestamp when the certificate was issued.

effectiveDate

Long

The timestamp when the certificate comes into effect.

expireDate

Long

The timestamp when the certificate expired.

revoker

String

The entity that revokes the certificate. Required only if certStatus is 1.

revokerReason

String

The reason why the certificate is revoked. Required only if certStatus is 1.

Error Codes

Code

Type

Solution

99400

invalid argument: The device identifier is invalid

Specify (assetId) or (productKey + deviceKey) in your request.

99400

Call ca error!: Certificate service err info:, code: (code), message: (message content), detail message: (detailed message content)

Refer to the “message” and “detailed message”.

99400

Query cert is failed!message: (message content), detail message: (detailed message content)

Refer to the “message” and “detailed message”.

99400

When calling Certificate Services, the call parameters are invalid.message: (message content), detail message: (detailed message content)

Refer to the “message” and “detailed message”.

11404

Device cannot be found

Ensure that the device exists and is registerd on EnOS.

99500

Internal error of certificate service.

Refer to your EnOS administrator.

99500

Internal error of product service.

Refer to your EnOS administrator.

99500

Internal error of IoT hub service.

Refer to your EnOS administrator.

Samples

Request Sample

url: https://{apigw-address}/connect-service/v2.0/certificates?action=list&assetId=yourAssetId&orgId=youOrgId
method: GET

Response Sample

{
    "code": 0,
    "msg": "OK",
    "requestId": "318d8b1f-1f27-4dd4-8299-b75a2015d425",
    "data": [
        {
            "certSN": "52725",
            "cert": "52725",
            "certStatus": 1,
            "issuer": "EMAILADDRESS=ca@eniot.io, CN=EnOS CA, OU=EnOS CA, O=EnOS, L=Shanghai, ST=Shanghai, C=CN",
            "subject": "EMAILADDRESS=xT7EaR, OU=EnOS, CN=xMen1, O=EnOS, L=Shanghai, ST=Shanghai, C=CN",
            "signDate": 1581216505000,
            "effetiveDate": 1581216505000,
            "expireDate": 1582080505000,
            "revoker": "IoT_Hub",
            "revokerReason": "KEY COMPROMISE",
            "isEnosCert": true,
            "issueAuthority": "RSA"
        },
        {
            "certSN": "52726",
            "cert": "52726",
            "certStatus": 0,
            "issuer": "EMAILADDRESS=ca@eniot.io, CN=EnOS ECC CA, OU=EnOS, O=EnOS, L=Shanghai, ST=Shanghai, C=CN",
            "subject": "EMAILADDRESS=uKGdK, OU=EnOS, CN=yPI9z8z, O=EnOS, L=Shanghai, ST=Shanghai, C=CN",
            "signDate": 1581218161000,
            "effetiveDate": 1581218161000,
            "expireDate": 1582082161000,
            "audit": {
                "createBy": "youOrgId",
                "createTime": 1581218161773,
                "updateBy": "youOrgId",
                "updateTime": 1581218161773,
                "ns": "youOrgId",
                "deleted": false
            },
            "revoker": "",
            "revokerReason": "",
            "isEnosCert": true,
            "issueAuthority": "ECC"
        },
        {
            "certSN": "52727",
            "cert": "52727",
            "certStatus": 2,
            "issuer": "EMAILADDRESS=ca@eniot.io, CN=EnOS ECC CA, OU=EnOS, O=EnOS, L=Shanghai, ST=Shanghai, C=CN",
            "subject": "EMAILADDRESS=xT7EaR, OU=EnOS, CN=xMen1, O=EnOS, L=Shanghai, ST=Shanghai, C=CN",
            "signDate": 1581234648000,
            "effetiveDate": 1581234648000,
            "expireDate": 1581493848000,
            "revoker": "",
            "revokerReason": "",
            "isEnosCert": true,
            "issueAuthority": "ECC"
        }
    ]
}
## SDK Samples
.. include:: ../snippet/sdk.md