Certificate management endpoint
Summary
Data Type | JSON |
Data Flow | command/response |
Class | CertManagerEndpoint |
Built in | YES |
Purpose | Certificate Management |
supported labels | cert |
Data Structures
JSON data structure
Sent
{
action:acts,
cert:b64x509,
id:hash
}
Where:
acts
may be one of : 'introduce', 'shun', 'list'
b64x509
may be a base64 encoded x509 certificate containing the relevant public key
hash
is the SHA256 hash of the relevant cert
Responses
action = 'introduce'
Adds a non-master certificate as a friend. Certificate is added to the list of friends against the hash.
Response:
{status: "ok"}
or
{status: "failed",errorMessage:"exception message"}
action = 'shun'
Removes a non-master certificate of a friend. Any certificate stored under a hash that matches the passed id
will be removed - unless the id is 'master'.
Response:
{status: "ok"}
or
{status: "failed",errorMessage:"exception message"}
action = 'list'
Lists all known certificate hashes.
Response:
{
"friends:
["master",
"C87E63E888A3FE9EB72653C7ECC6196B3F8123E4A762AB8EFE4A590E16B4EECFA"],
status: "ok"
}
If the list is long the device may just return a count of certs
{
"friendCount: 12,
status: "ok"
}
or
{status: "failed",errorMessage:"exception message"}
NOTE
Connections to the certificate endpoint are restricted to "master" - i.e. the owner's device.
This restriction can be lifted for licencees.