• Documentation
• Certificate
• List Certificate
• V2.0 List Certificate

V2.0 List Certificate

List the certificates bound to the specified device.

This API is available in EnOS 2.1.0 and above.

Operation Permissions

Before invoking this API, ensure that the service account has been authorized the policy that includes the following service(s) and action permission(s). For how to authorize the service account, see Managing Service Accounts.

Required Service	Required Operation Permission
Certificate	Read

Request Format

GET https://{apigw-address}/connect-service/v2.0/certificates?action=list

Request Parameters (URI)

Note

Use one of the following methods to specify the device:

• Include assetId in the request
• Include productKey + deviceKey in the request

Request Parameters (URI)

Name	Location (Path/Query)	Mandatory/Optional	Data Type	Description
orgId	Query	Mandatory	String	The organization ID which the asset belongs to. How to get Organization ID>>
assetId	Query	Optional (See Note above)	String	The asset ID. How to get assetId>>
productKey	Query	Optional (See Note above)	String	The product key. To be used with deviceKey .
deviceKey	Query	Optional (See Note above)	String	The device key. To be used with productKey .

Response Parameters

Response Parameters

Name	Data Type	Description
data	Array of DeviceCertDetailInfo Structs	A list of the certificates returned. For most cases, only one certificate will be returned. If the asset has multiple certificates, only one is valid. For details of a DeviceCertDetailInfo Struct, see the table below.

DeviceCertDetailInfo Struct

DeviceCertDetailInfo Object

Name	Data Type	Description
certSN	String	The certificate number
cert	String	The certificate content.
certStatus	Integer	Certificate Status: - 0: Valid - 1: Revoked - 2: Expired
issuer	String	The information of the certificate authority.
subject	String	The request requestor information.
signDate	Long	The timestamp when the certificate was issued.
effectiveDate	Long	The timestamp when the certificate comes into effect.
expireDate	Long	The timestamp when the certificate expired.
revoker	String	The entity that revokes the certificate. Required only if certStatus is 1.
revokerReason	String	The reason why the certificate is revoked. Required only if certStatus is 1.

Error Codes

Code	Type	Solution
99400	invalid argument: The device identifier is invalid	Specify (assetId) or (productKey + deviceKey) in your request.
99400	Call ca error!: Certificate service err info:, code: (code), message: (message content), detail message: (detailed message content)	Refer to the “message” and “detailed message”.
99400	Query cert is failed!message: (message content), detail message: (detailed message content)	Refer to the “message” and “detailed message”.
99400	When calling Certificate Services, the call parameters are invalid.message: (message content), detail message: (detailed message content)	Refer to the “message” and “detailed message”.
11404	Device cannot be found	Ensure that the device exists and is registerd on EnOS.
99500	Internal error of certificate service.	Refer to your EnOS administrator.
99500	Internal error of product service.	Refer to your EnOS administrator.
99500	Internal error of IoT hub service.	Refer to your EnOS administrator.

Samples

Request Sample

url: https://{apigw-address}/connect-service/v2.0/certificates?action=list&assetId=yourAssetId&orgId=youOrgId
method: GET

Response Sample

{
    "code": 0,
    "msg": "OK",
    "requestId": "318d8b1f-1f27-4dd4-8299-b75a2015d425",
    "data": [
        {
            "certSN": "52725",
            "cert": "52725",
            "certStatus": 1,
            "issuer": "EMAILADDRESS=ca@eniot.io, CN=EnOS CA, OU=EnOS CA, O=EnOS, L=Shanghai, ST=Shanghai, C=CN",
            "subject": "EMAILADDRESS=xT7EaR, OU=EnOS, CN=xMen1, O=EnOS, L=Shanghai, ST=Shanghai, C=CN",
            "signDate": 1581216505000,
            "effetiveDate": 1581216505000,
            "expireDate": 1582080505000,
            "revoker": "IoT_Hub",
            "revokerReason": "KEY COMPROMISE",
            "isEnosCert": true,
            "issueAuthority": "RSA"
        },
        {
            "certSN": "52726",
            "cert": "52726",
            "certStatus": 0,
            "issuer": "EMAILADDRESS=ca@eniot.io, CN=EnOS ECC CA, OU=EnOS, O=EnOS, L=Shanghai, ST=Shanghai, C=CN",
            "subject": "EMAILADDRESS=uKGdK, OU=EnOS, CN=yPI9z8z, O=EnOS, L=Shanghai, ST=Shanghai, C=CN",
            "signDate": 1581218161000,
            "effetiveDate": 1581218161000,
            "expireDate": 1582082161000,
            "audit": {
                "createBy": "youOrgId",
                "createTime": 1581218161773,
                "updateBy": "youOrgId",
                "updateTime": 1581218161773,
                "ns": "youOrgId",
                "deleted": false
            },
            "revoker": "",
            "revokerReason": "",
            "isEnosCert": true,
            "issueAuthority": "ECC"
        },
        {
            "certSN": "52727",
            "cert": "52727",
            "certStatus": 2,
            "issuer": "EMAILADDRESS=ca@eniot.io, CN=EnOS ECC CA, OU=EnOS, O=EnOS, L=Shanghai, ST=Shanghai, C=CN",
            "subject": "EMAILADDRESS=xT7EaR, OU=EnOS, CN=xMen1, O=EnOS, L=Shanghai, ST=Shanghai, C=CN",
            "signDate": 1581234648000,
            "effetiveDate": 1581234648000,
            "expireDate": 1581493848000,
            "revoker": "",
            "revokerReason": "",
            "isEnosCert": true,
            "issueAuthority": "ECC"
        }
    ]
}

## SDK Samples
.. include:: ../snippet/sdk.md