• Documentation
  • Apply Certificate

Apply Certificate

Apply for a certificate and bind it to a specified device. You can also configure the validity period for a certificate you have previously obtained.

Operation Permissions

Required Authorization Required Operation Permission
Device Management Full Access

Request Format

POST http://{apigw-address}/connect-service/v2.0/certificates?action=apply

Request Parameters (URI)

Note

One of the following options must be used in a request to specify a device

  • assetId
  • productKey + deviceKey
Request Parameters (URI)
Name Location (Path/Query) Required or Not Data Type Description
orgId Query True String Organization ID which the asset belongs to. How to get Organization ID>>
assetId Query false String Asset ID of the device
productKey Query false String Product key of the device
deviceKey Query false String Device key of the device
validDay Query false int The validity period of the certificate in days. If this parameter is not included in the request. It will be inferred that you specified the default value, 730. Certain rules as follows apply to this parameter.

Rules for the Validity Period of a Certificate

To validDay in a request, the following rules apply:

  • If the specified or default value (730) is less than the maximum validity period of the product that this device belongs to, the specified value or the default value shall be applied.
  • If the specified or default value (730) is greater than the maximum validity period of the product that this device belongs to, an error message is prompted and the application fails.
  • If the specified is greater than the default value, less than the maximum validity period of the product that this device belongs to, but exceeds the remaining CA root certificate validity, the CA root certificate validity period shall be applied.

Request Parameters (Body)

Request Parameters (Body)
Name Required or Not Data Type Description
csr True String CSR file (Certificate Signing Request) in the Privacy-Enhanced Mail (PEM) format.

Response Parameters

Response Parameters (Body)
Name Data Type Description
data DeviceCertApplyResultInfo, JSON object Certificate binding information. See the table below for its structure.

deviceCertApplyResultInfo Object

deviceCertApplyResultInfo Object
Name Data Type Description
certChainURL String CA root certificate URL
cert String The content of the certificate obtained
certSn String Certificate Number
caCert String CA root certificate

Sample

Java SDK Sample

package com.envisioniot.enos.api.sample.connect_service.cert;

import com.envision.apim.poseidon.config.PConfig;
import com.envision.apim.poseidon.core.Poseidon;
import com.envisioniot.enos.connect_service.v2_1.cert.ApplyCertificateRequest;
import com.envisioniot.enos.connect_service.v2_1.cert.ApplyCertificateResponse;
import com.envisioniot.enos.connect_service.vo.DeviceIdentifier;


public class applyCert {

    public static void main(String[] args) {

        String appKey = "e36cc693-3a07-456e6cafcbc2-9314-4ff6";
        String appSecret = "6cafcbc2-9314-4ff6-9450-861d4344a431";
        String serverUrl = "http://apim-apigw-proxy.alpha-k8s-cn4.eniot.io";

        String orgId = "o15444172373271";

        ApplyCertificateRequest applyCertificateRequest = new ApplyCertificateRequest();
        String csr = "-----BEGIN NEW CERTIFICATE REQUEST-----\n" +
                "MIICwTCCAakCAQAwfDELMAkGA1UEBhMCQ04xETAPBgNVBAgMCFNoYW5naGFpMREw\n" +
                "DwYDVQQHDAhTaGFuZ2hhaTENMAsGA1UECgwERW5PUzERMA8GA1UEAwwITVJtSXl6\n" +
                "UFcxDTALBgNVBAsMBEVuT1MxFjAUBgkqhkiG9w0BCQEWBzREbmIxVDEwggEiMA0G\n" +
                "CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCCRmPrs0ubuH2HeGT9kwB72/SuKWf3\n" +
                "WtWQ5csRWlSOullOQn2OUqdVPOcnZm2hQQ7WGDH3cvyD49CIeVF/a8jqzqbkrk/5\n" +
                "jINuu71tjMzRRZWym8KOmYbA2nO8Wdko8mebuYtcSpic7fByGRhGytsE2EU+TD0a\n" +
                "K1tSjMCME0ba9/ImU+q5ziI0YPRI2Pz2Sw08rpTxICocw/oGEqNbK0cYHMbQjEmQ\n" +
                "spa5MARGz3coGlRu8CsyGXwkUC6zJVxJxbNA7/VTc2PCRhS2SfjBOT226cSharH8\n" +
                "4VGywXN+YLaMUDFui2gb2E5tHFIzWD0X1qCWtDsbPIZhlPt7agsmPkLrAgMBAAGg\n" +
                "ADANBgkqhkiG9w0BAQsFAAOCAQEAVMv03+jwh/6H4+x+sQiu4qxQeBuNWagqVL/C\n" +
                "HEoyWkWOzeJHpMI59OLukHQ4QJi1IwBSB0TdWn1kfpb0ztNaYfKCR5mQLErNw9ee\n" +
                "01mEeG+3Lgmd4FRWvnNdL42kQ4GeDIkmpI/aEabMHjLwcFofzeZHRsaRyeetG5Bv\n" +
                "oGTOK1hFP4lS1p40aueHa3WNEw7z/QG2lNMz5+HPbEqJhe5AoQicMMFciZ+y1LZV\n" +
                "ZU72eVecirZPMsYOjjQ9+TLztfSLEPCZ60xA0QkTn4CFgoX8DvuzxP2uJeZ70Mch\n" +
                "Z58IqTZQkAWrTx7t4w3+rGBwQ/pkFXANd2NtYr9Mt50wIoMXzw==\n" +
                "-----END NEW CERTIFICATE REQUEST-----\n";
        applyCertificateRequest.setCsr(csr);
        DeviceIdentifier device = new DeviceIdentifier();
        device.setProductKey("ymcDiAHd");
        device.setAssetId("KloXinjW");
        device.setDeviceKey("TT6MyEFaO7");
        applyCertificateRequest.setDevice(device);
        applyCertificateRequest.setValidDay(250);
        applyCertificateRequest.setOrgId(orgId);
        ApplyCertificateResponse certRsp = Poseidon.config(PConfig.init().appKey(appKey).appSecret(appSecret).debug())
                .url(serverUrl)
                .getResponse(applyCertificateRequest, ApplyCertificateResponse.class);
        System.out.println(certRsp.getData());
    }
}

Error Code

Error Code
Code Type Description
99400
  • The specified validity period exceeds the maximum certificate validity period of the product to which this device belongs.
  • Exceeded the remaining valid days of the CA root certificate! The valid day cannot be greater than x day!
  • Error info:message: (message content), detail message: (detailed message content)
  • The product to which the device belongs is not a product that supports BiDirectionalAuth.
  • Device identifier is invalid
  • orgId is null
  • The validity period specified is longer than the maximum validity period of the product that this device belongs to
  • The validity period specified is longer than the remaining CA root certificate’s validity period. The validity period cannot exceed x days. (x representing the remaining CA root certificate validity period.)
  • Parameter error. Detailed cause will be given in message or detailed message .
  • The product that the device belongs to does not support bi-directional authentication
  • assetId or productKey + deviceKey is not included in the request to specify a device
  • orgId is not included in the request
11404 device can not be found No device can be specified by assetId or productKey + deviceKey.
11833 certificate already bind to another device The certificate has already been bound to another device.
99500
  • hub service internal error!
  • certificate service err info:code: x, message: y, detail message: z
  • certificate service internal error!
  • product service internal error!
  • Internal error
  • Internal CA service error. Detailed causes are given in message or detail message .
  • Internal certificate error
  • Internal product error