blob: 14f8b6bc83949345f62a5f476e94dd6af9a4a9f6 [file] [log] [blame]
# ============LICENSE_START=======================================================
# aaf-certservice
# ================================================================================
# Copyright (C) 2020 Nokia. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# ============LICENSE_END=========================================================
openapi: 3.0.1
info:
title: CertService Documentation
description: Certification service API documentation
version: 1.0.0
servers:
- url: http://localhost:8080
description: Generated server url
tags:
- name: Actuator
description: Monitor and interact
externalDocs:
description: Spring Boot Actuator Web API Documentation
url: https://docs.spring.io/spring-boot/docs/current/actuator-api/html/
paths:
/v1/certificate/{caName}:
get:
tags:
- CertificationService
summary: Sign certificate
description: Web endpoint for requesting certificate signing. Used by system
components to gain certificate signed by CA.
operationId: signCertificate
parameters:
- name: caName
in: path
description: Name of certification authority that will sign CSR.
required: true
schema:
type: string
example: "RA_TEST"
- name: CSR
in: header
description: Certificate signing request in form of PEM object encoded in
Base64 (with header and footer).
required: true
schema:
type: string
example: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJREVqQ0NBZm9DQVFBd2daY3hDekFKQmdOVkJBWVRBbFZUTVJNd0VRWURWUVFJREFwRFlXeHBabTl5Ym1saApNUll3RkFZRFZRUUhEQTFUWVc0dFJuSmhibU5wYzJOdk1Sa3dGd1lEVlFRS0RCQk1hVzUxZUMxR2IzVnVaR0YwCmFXOXVNUTB3Q3dZRFZRUUxEQVJQVGtGUU1SRXdEd1lEVlFRRERBaHZibUZ3TG05eVp6RWVNQndHQ1NxR1NJYjMKRFFFSkFSWVBkR1Z6ZEdWeVFHOXVZWEF1YjNKbk1JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBTUlJQgpDZ0tDQVFFQXpRekpQTmhrRURhL3JnUmhJUmpLVDF2RC84Wk9scXA3UmRuYTEybXFIU2FqQ0hHeGR0K1JPZk0vCkpINk9NczZNSjlwNXRJVE5VUWVDUEQ5cE44WkpzMCtOaWQvRE1Nb1B3MW94NnZyNFc5Rnh4K3NGN2hnK05nYjEKNGxvZVZob2EwajlKd1hlc2krSThNbFBObGRMRXlGYnZubDgyNzl0Qjg2dmRpR2g3blFjek8rbnY5elBqZllVcQpIaGlRK1ptMEZjbWFxblVJOG54aWJQNmFMMS9uWFQ3aHlwY0VzOCtpenNZVktqdVdwSjhlZHN0T1NBYTlkWXkrCkVhYTFPTlo5RFRDQzArZmM4S0pBNGJjWVE0T2tPYXFmcnhxY0xMOXZJL1BROWZtYThTUXBmcXVTbmQvbjNOazMKK1NoYnVCclorVnNQRWhsWnBJb2lXdS9scjlrdnp3SURBUUFCb0RVd013WUpLb1pJaHZjTkFRa09NU1l3SkRBaQpCZ05WSFJFRUd6QVpnZ2h2Ym1Gd0xtOXlaNElOZEdWemRDNXZibUZ3TG05eVp6QU5CZ2txaGtpRzl3MEJBUXNGCkFBT0NBUUVBV0N2QlJzTmZ5S0F1NWhIWldWUm8xd2VWSVJvbHQyRWdsSUkzbHI4d0ZlN1hobUtZVlhESzJ3aHEKc2hCakNNQUJHNW90MlBXUE8yK1JLSmsveEh2RXRoQzMybityQlhOS2hHUUJMY3dyeFNBbjVUMHFNa0xzTGJiRAphTU1nTnRiYWxmOC9mVmNWWDY1WTVVb052Y2FScEpvVUdYY1ovZ3kvMG5aWnNXbURkejk1Rys2MXFnY0s3RlhOClB1bENxLy9YNUZkK2NkQy9TTnNxaGtqdlgyd3hYMUZRVVYwcFp0akcwenl3b3JwNE9HSkRiUUxtaWFZSlQ2Ym8KNjAyZ21zWFNTQlJzVWFCOEsxeWMzalRkS043QjYxcjhwYW05NlBxQjdXME13MVRJVFAzQnhJTk5kN1hhNlI5VAo5T3BTcDhFcUZ5R043M3NJN0svbDdNZVJvUm1PUUE9PQotLS0tLUVORCBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0K"
- name: PK
in: header
description: Private key in form of PEM object encoded in Base64 (with header
and footer).
required: true
schema:
type: string
example: "LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV2d0lCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQktrd2dnU2xBZ0VBQW9JQkFRRE5ETWs4MkdRUU5yK3UKQkdFaEdNcFBXOFAveGs2V3FudEYyZHJYYWFvZEpxTUljYkYyMzVFNTh6OGtmbzR5em93bjJubTBoTTFSQjRJOApQMmszeGttelQ0MkozOE13eWcvRFdqSHErdmhiMFhISDZ3WHVHRDQyQnZYaVdoNVdHaHJTUDBuQmQ2eUw0and5ClU4MlYwc1RJVnUrZVh6YnYyMEh6cTkySWFIdWRCek03NmUvM00rTjloU29lR0pENW1iUVZ5WnFxZFFqeWZHSnMKL3BvdlgrZGRQdUhLbHdTeno2TE94aFVxTzVha254NTJ5MDVJQnIxMWpMNFJwclU0MW4wTk1JTFQ1OXp3b2tEaAp0eGhEZzZRNXFwK3ZHcHdzdjI4ajg5RDErWnJ4SkNsK3E1S2QzK2ZjMlRmNUtGdTRHdG41V3c4U0dWbWtpaUphCjcrV3YyUy9QQWdNQkFBRUNnZ0VBZkN5cUVYYlo0aGZGckpScVhhaXRtN0Z1Mkk0M09YYTBnSENWM3EzV255Q3UKeW9aUGVqV1p0UVpoenEvMVhUOUlFVHAxU2FUQzBiZENYMG5uWmlkbXFuZ2F0c3dUWUpCOVMwaHJ3bW1KemREZwpucmp0Tm1yb0FiL2xWOVpMV01rbVJQeWVwZExiWXpyMlNXUUd0QnlYbnR0RzhSbW9JMGtjZjN3dEJGYUJ4VzFwClFzRUNXUFBpdjNZRDh2SzlSRG9wdmxCMnFZVWxCTm1kQ3AxWEJXMU9OZm5wckUwZFhiYTJxVzB3M3lqU2dJdGYKUWJBSTJZQzJEWlpIK3liRGFMZWVtb0p3dDdPK1F6NWp4SkgwWkFpSnVaNzNpSTVocFBJQlhLamRkU1p1bjRpRwpEOFZaaCtYWE9yQWJxVURXdlN4UW9kdFhYeGNSSS9aWUx5WWR1OHdhd1FLQmdRRHA3UEhwdWFDSk50MlBLV3d6Cll4SDhIYlB1L0pTS2R3UytZek5SNzJaYlUwSmQxWTdPc1JCR1Bvd24zOW55WDlJYzJINXBLc2VJYnpsK1lJS1MKQW9BKy9nbFZZUGpIZ2RmVHF6R01QMm5meVh0dVpFQzdicVBLSVlzL0Qwb0pGQzFkUThwUjFxcXp6NjJEMEUvawpSS1MrVFhpSlkvMlJiQVhDckFDVnNwVmQzUUtCZ1FEZ1prZE45SkhIMjYyRWdLQ3p1Q0NHMXlYa3IrcWVHZ3ozCldWbUtMaGVveitHVXlvVDVuaGlvUTJxNlllYTJ1ODlVYUdGZFk4Y0hIQVdhUy9UdU9FYzdBRHV4eTZsVWpKWkQKU3V0YU80cWk3eXh6UGxNN2w5alVpejV5MldZZGRnWEhLOG82M0pOSHdwd0FYaDgycytTbm9STUZSd1JOTGsyWQp4WmxxRm55WG13S0JnUUNkdEkrWEtmMHY1SnhVUXZIZVp3RWQvb3hySnoraFpnSDl0UFZKWE9PZDJERGEvL25xCklQYysxRFk3UDdBNHRoNzZNWDV2dWxhUkJhTTJMeXgzOFZXeW9pTjZ1d2lkd0V6WU9BY01iVWdjaGtJL3R6am8KNC90cWIxam9KNCtiTlU0c0hXTE43N0pmelRoR3NHN2NEdWNlSVM2Tk9hc2VtanY3OVdmamhHVXN4UUtCZ1FETQpwbHFYVE5uNjlHek9MK1Rmb3FmL2NZMjhmM2N3VXovS0FYRzRwSXF0U1ZGSXVsNEZyTnA5OG1ZT3J5U1RPTHRBCkZxWGRYeGJ2Yysza0p5dXNhaVVFT1JVMzlDNXN6bjVueHBiWHh2K0wweWF0djRSM0QrZ1BCeUtmNlliSWpZOTkKY29GUHAwU21xR1JQclljNEExNGdSclVyRmZabFVUb3hmdHlJTlJQUnl3S0JnUURoSFkvT24vRTNodmo4aHBKRQplMWNuQ2ZsV2VKWlZSdnBPQm96NCtwMVltMzZZZEQ0azBpSEh6anZUUGlBSnNGTFB5VXVTZXI0T3hpN2cvcmYvCklPVjN4bHZyNXdSRmxLYWxvWjY5azkxNm5qdWM0d2lXVzdMbGt1YWptVDhlSUszTU05MU9SL1VFcE16dFMyMHEKZ3hRMEVieTFaMlh6TWlkMEhZZTlVcTJaSmc9PQotLS0tLUVORCBQUklWQVRFIEtFWS0tLS0tCg=="
responses:
"200":
description: Certificate successfully signed
content:
application/json:
schema:
$ref: '#/components/schemas/CertificationModel'
"400":
description: Given CSR or/and PK is incorrect
content:
application/json:
schema:
$ref: '#/components/schemas/ErrorResponseModel'
"404":
description: CA not found for given name
content:
application/json:
schema:
$ref: '#/components/schemas/ErrorResponseModel'
"500":
description: Something went wrong during connectiion to CMPv2 server
content:
application/json:
schema:
$ref: '#/components/schemas/ErrorResponseModel'
/ready:
get:
tags:
- CertificationService
summary: Check if CertService application is ready
description: Web endpoint for checking if service is ready to be used.
operationId: checkReady
responses:
"200":
description: Configuration is loaded and service is ready to use
content: {}
"503":
description: Configuration loading failed and service is unavailable
content: {}
/reload:
get:
tags:
- CertificationService
summary: Reload CMPv2 servers configuration from configuration file
description: Web endpoint for performing configuration reload. Used to reload
configuration from file.
operationId: reloadConfiguration
responses:
"200":
description: Configuration has been successfully reloaded
content: {}
"500":
description: Something went wrong during configuration loading
content:
string:
schema:
type: string
example: "can't parse JSON. Raw result: Exception occurred during CMP Servers configuration loading"
/actuator/health:
get:
tags:
- Actuator
summary: Actuator web endpoint 'health'
operationId: healthCheck
responses:
"200":
description: Service is healthy
content:
string:
schema:
$ref: '#/components/schemas/StatusResponseModel'
components:
schemas:
StatusResponseModel:
type: object
properties:
status:
type: string
example: "UP"
ErrorResponseModel:
type: object
properties:
errorMessage:
type: string
example: "Internal server error"
CertificationModel:
type: object
properties:
certificateChain:
type: array
items:
type: string
example: "-----BEGIN CERTIFICATE-----\nMIIErDCCAxSgAwIBAgIUfYvpzoT6WTxiu2KtxDwdvB56iVUwDQYJKoZIhvcNAQEL\nBQAwYTEjMCEGCgmSJomT8ixkAQEME2MtMGI1YzFhYTBkNzA4NjVjNGUxFTATBgNV\nBAMMDE1hbmFnZW1lbnRDQTEjMCEGA1UECgwaRUpCQ0EgQ29udGFpbmVyIFF1aWNr\nc3RhcnQwHhcNMjAwNDAxMTAyNzAwWhcNMjIwNDAxMTAyNDEyWjCBlzEeMBwGCSqG\nSIb3DQEJARYPdGVzdGVyQG9uYXAub3JnMREwDwYDVQQDDAhvbmFwLm9yZzENMAsG\nA1UECwwET05BUDEZMBcGA1UECgwQTGludXgtRm91bmRhdGlvbjEWMBQGA1UEBwwN\nU2FuLUZyYW5jaXNjbzETMBEGA1UECAwKQ2FsaWZvcm5pYTELMAkGA1UEBhMCVVMw\nggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNDMk82GQQNr+uBGEhGMpP\nW8P/xk6WqntF2drXaaodJqMIcbF235E58z8kfo4yzown2nm0hM1RB4I8P2k3xkmz\nT42J38Mwyg/DWjHq+vhb0XHH6wXuGD42BvXiWh5WGhrSP0nBd6yL4jwyU82V0sTI\nVu+eXzbv20Hzq92IaHudBzM76e/3M+N9hSoeGJD5mbQVyZqqdQjyfGJs/povX+dd\nPuHKlwSzz6LOxhUqO5aknx52y05IBr11jL4RprU41n0NMILT59zwokDhtxhDg6Q5\nqp+vGpwsv28j89D1+ZrxJCl+q5Kd3+fc2Tf5KFu4Gtn5Ww8SGVmkiiJa7+Wv2S/P\nAgMBAAGjgaQwgaEwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBQ4TWsw5NCfgMjt\nc6sLNV008AniSjAiBgNVHREEGzAZgghvbmFwLm9yZ4INdGVzdC5vbmFwLm9yZzAd\nBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwHQYDVR0OBBYEFAMyW8sAIjOG\n4qiMVEWuBfliFNeyMA4GA1UdDwEB/wQEAwIF4DANBgkqhkiG9w0BAQsFAAOCAYEA\nCviGRpVZgd4Vr3R3pslegH9GRa1TmCVP8wTD6CUA84VqMzVatcdWbaDFNoCVv54v\nUCYPsN8REx/I53R1jbQ5tralj8JMublrdDaKDQY7OdfjL53nGS4OGl76ZLMt50cF\nnXreoSixCdv3OkPO7+P5szzfnwcCQEa235GfHOxAKv2DIhI8+aFMdi1vTJMYmROs\nYA/6DuJAFjfjPM6T4hzKdW8FPyyUw4kWSNRtt+cxN1JxGDYRt1bnjj7u7nMA5Mge\noWn5oeHLO8rkWgMy0BPxL+YVJhqhdD1fiSek99vmWNUKqmui/4TOXf06SjuMgPgL\nOdp/e2+unwOw+TfdQ/Vu1736IRuWKgLxXOXoOHq2RCZpMgfol2wOFdWSeHWnOag2\nstKD9mmxUaq3wactkVQEkljo3vOgw3D829jC5BOVASxoYoiNzRQlpXrP+kj9QPt0\nZN6haQCgjejHOVpKeuUNoZTUyH+2MwpANLiaJjQcZrwt8N9bAN7WilY+f7CHwMK+\n-----END CERTIFICATE-----\n"
trustedCertificates:
type: array
items:
type: string
example: "-----BEGIN CERTIFICATE-----\nMIIEszCCAxugAwIBAgIUK3BbY7jXBtQfSMhob3Ls9BoorbYwDQYJKoZIhvcNAQEL\nBQAwYTEjMCEGCgmSJomT8ixkAQEME2MtMGI1YzFhYTBkNzA4NjVjNGUxFTATBgNV\nBAMMDE1hbmFnZW1lbnRDQTEjMCEGA1UECgwaRUpCQ0EgQ29udGFpbmVyIFF1aWNr\nc3RhcnQwHhcNMjAwNDAxMTAyNzAwWhcNMzAwNDAxMTAyNzAwWjBhMSMwIQYKCZIm\niZPyLGQBAQwTYy0wYjVjMWFhMGQ3MDg2NWM0ZTEVMBMGA1UEAwwMTWFuYWdlbWVu\ndENBMSMwIQYDVQQKDBpFSkJDQSBDb250YWluZXIgUXVpY2tzdGFydDCCAaIwDQYJ\nKoZIhvcNAQEBBQADggGPADCCAYoCggGBAJ5UAlOGkFyyjyDfFBADJrVzce5/wvNC\nDzL8OoB5CRa22NxHZqPL6fNpqexH1alE7ko/g+vvu1BLHnjKzglVMVV880jjG/tq\ngUf9syfmRdRcgPUrF71dOTNw52ZGB23e8es7VQNYca5QH0mfjaw2AxKf4pNzScTi\nbYXw/KxuoeBHP2ybKhSCxau1k6eePUEkpzHlu33XjtTKGRklCo4lDslLtMOV0gWm\nJj2pd9v+/qY9AMio1XkqczGmnGrSRDD7fp+3WpBI2Q4ZaDZZHnzg/9TXmpBGWhwi\n5Ca5e9Cmb9WGjE8W4uICyvaBSmvsGqB2nBjLC0rBUyJxkMxaxZYxoWbegCqlnwgo\naG2OMbGq1qO/U5ArW9WppovA9y540j49CuYWgvf2pH21GzQX2uCtiHDge01exko/\np7c8/20B0rNjyvBFM9s2NOQ4wCIrLVKPClX3mpzuIGliRpnXnC6FQMrC4yNvyO7s\nB2PwzesXaBdD07AfXpYtSaHeqLZafMtqRwIDAQABo2MwYTAPBgNVHRMBAf8EBTAD\nAQH/MB8GA1UdIwQYMBaAFDhNazDk0J+AyO1zqws1XTTwCeJKMB0GA1UdDgQWBBQ4\nTWsw5NCfgMjtc6sLNV008AniSjAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQEL\nBQADggGBAImYiKkQfR52L2NzjuHI6y8darhBNpZSNf5Hhzv5MOs6yKJSFxh6mQFg\nRfF860AbxgxAfE8bvK2IX+W6b193ecFXAOrRc+UcEyqTg2efqp2zuCdQpnA4nopf\n+474iRkAHdlwdeI0FTE931AOCMfKaQAiEn40Xo3xB09xvMhK7ce2xkxFp90uqbyZ\nwXPRORUj5rKhCiL10jkgXmTfGGlzgQfpHxQxnwQzuAPcv31l+0YVZpDpkSP8A2ts\nmS/yGFfBylyPnGa/+mChZoI7AAKUZ0QWSTDVQLFW6RIs0ByX9zPZqQx0ncGzXH++\nmLu/33YpyjfcjFzvhFVRJCNpELTa0aCElDcD+LIiz80fFP3bxbI42ifYXbt+k/8w\nAB8Ffh1GOneWnaOl42mghNs6ve9e+PjOphYS1sQI74b0liXQdI4tmobAyPoACpgR\ncJ9DAfYtkpMQjxkV/FUM92m76WQpFnIRNQl6C5XLzWHCAVvS+MxEydtINsl4FCvw\nPDdu3P8UkA==\n-----END CERTIFICATE-----\n"