# OpenAPI 3.1 description of the ACME (RFC 8555) protocol endpoints.
openapi: 3.1.0
info:
  title: ACME API
  description: ACME API according to the RFC 8555
  contact:
    name: ILM
    url: https://www.otilm.com
    email: info@otilm.com
  license:
    name: MIT License
    url: https://github.com/CZERTAINLY/CZERTAINLY/blob/develop/LICENSE.md
  version: 2.17.0
  x-logo:
    url: images/ilm-logo.svg
externalDocs:
  description: ILM Documentation
  url: https://docs.otilm.com
# Only a demo instance is listed; generated clients default to this base URL,
# so a real deployment must override it.
servers:
- url: https://demo.czertainly.online/api
  description: CZERTAINLY Demo server
# Two tag groups: operations addressed by ACME Profile name
# (/v1/protocols/acme/{acmeProfileName}/...) and the same operations addressed
# by RA Profile name (/v1/protocols/acme/raProfile/{raProfileName}/...).
tags:
- name: ACME operations
  description: "Interfaces used by ACME clients to request ACME related operations.\
    \ ACME Profile defines the behaviour for the specific ACME configuration. When\
    \ the ACME Profile contains default RA Profile, it can be used by the ACME clients\
    \ to request operations on their specific URL."
- name: ACME RA Profile
  description: Interfaces used by ACME clients to request ACME related operations
    on top of RA Profile. ACME Profile defines the behaviour for the specific ACME
    configuration. ACME Profile is bound with specific RA Profile and it can be used
    by the ACME clients to request operations on their specific URL. These operations
    are always specific only for the RA Profile.
paths:
  # Certificate revocation (RFC 8555 section 7.6), addressed by ACME Profile name.
  /v1/protocols/acme/{acmeProfileName}/revoke-cert:
    post:
      tags:
      - ACME operations
      summary: Revoke Certificate
      externalDocs:
        description: "RFC 8555, section 7.6"
        url: https://datatracker.ietf.org/doc/html/rfc8555#section-7.6
      operationId: revokeCertificate
      parameters:
      # NOTE(review): plain string, no pattern or length limit declared here;
      # validation of the profile name is left to the server.
      - name: acmeProfileName
        in: path
        description: ACME Profile name
        required: true
        schema:
          type: string
      requestBody:
        # RFC 8555 section 7.6 lets the revocation JWS be signed either by an
        # account key or by the key pair of the certificate itself. The spec
        # does not distinguish the two cases, so the ownership check is
        # presumably done in the server - TODO confirm.
        description: Certificate Revocation JWS payload
        content:
          application/jose+json:
            schema:
              $ref: "#/components/schemas/CertificateRevocationRequest"
        required: true
      responses:
        # Success carries no body.
        "200":
          description: Certificate revoked
        "400":
          description: Bad Request
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        # Unlike the other errors, 404 uses the platform error DTO as plain
        # JSON rather than an ACME problem document.
        "404":
          description: Not Found
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/ErrorMessageDto"
        "500":
          description: Internal Server Error
        "401":
          description: Unauthorized
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        "403":
          description: Forbidden
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
      # Empty requirement list: no OpenAPI security scheme applies to this
      # operation. The request is authenticated by the JWS in the body
      # (RFC 8555 section 6.2), so signature, nonce and "url" header checks
      # are the server's responsibility - verify they are enforced here.
      security: []
  # Orders list of an account (RFC 8555 section 7.1.2.1), by ACME Profile name.
  /v1/protocols/acme/{acmeProfileName}/orders/{accountId}:
    post:
      tags:
      - ACME operations
      summary: List Orders
      externalDocs:
        description: "RFC 8555, section 7.1.2.1"
        url: https://datatracker.ietf.org/doc/html/rfc8555#section-7.1.2.1
      operationId: listOrders
      parameters:
      - name: acmeProfileName
        in: path
        description: ACME Profile name
        required: true
        schema:
          type: string
      # NOTE(review): the account is named in the URL, separately from the
      # account that signs the JWS. The server should reject a request whose
      # signing account differs from accountId - confirm in the controller.
      - name: accountId
        in: path
        description: Account Id
        required: true
        schema:
          type: string
      requestBody:
        description: List Orders JWS Payload
        content:
          # No schema is declared, so spec-driven validators accept any body.
          # Presumably a POST-as-GET request (RFC 8555 section 6.3) - confirm.
          application/jose+json: {}
        required: true
      responses:
        # NOTE(review): RFC 8555 section 7.1.2.1 describes the orders list as
        # a JSON object with an "orders" array of URLs; this schema is an
        # array of Order objects - confirm which one the server returns.
        "200":
          description: Orders list retrieved
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: "#/components/schemas/Order"
        "400":
          description: Bad Request
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        "404":
          description: Not Found
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/ErrorMessageDto"
        "500":
          description: Internal Server Error
        "401":
          description: Unauthorized
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        "403":
          description: Forbidden
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
      # No OpenAPI security scheme applies; authentication is the JWS in the
      # request body (RFC 8555 section 6.2), verified by the server.
      security: []
  # Single order lookup (RFC 8555 section 7.1.3), by ACME Profile name.
  /v1/protocols/acme/{acmeProfileName}/order/{orderId}:
    post:
      tags:
      - ACME operations
      summary: Get Order details
      externalDocs:
        description: "RFC 8555, section 7.1.3"
        url: https://datatracker.ietf.org/doc/html/rfc8555#section-7.1.3
      operationId: getOrder
      parameters:
      - name: acmeProfileName
        in: path
        description: ACME Profile name
        required: true
        schema:
          type: string
      # NOTE(review): unconstrained string identifier. The server should
      # check that the order belongs to the account that signed the JWS.
      - name: orderId
        in: path
        description: Order Id
        required: true
        schema:
          type: string
      requestBody:
        description: Get Order details payload
        content:
          # No schema declared for the body; presumably a POST-as-GET request
          # (RFC 8555 section 6.3) - confirm.
          application/jose+json: {}
        required: true
      responses:
        "200":
          description: Order details retrieved
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Order"
        "400":
          description: Bad Request
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        "404":
          description: Not Found
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/ErrorMessageDto"
        "500":
          description: Internal Server Error
        "401":
          description: Unauthorized
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        "403":
          description: Forbidden
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
      # No OpenAPI security scheme applies; authentication is the JWS in the
      # request body (RFC 8555 section 6.2), verified by the server.
      security: []
  # Order finalization (RFC 8555 section 7.4), by ACME Profile name.
  /v1/protocols/acme/{acmeProfileName}/order/{orderId}/finalize:
    post:
      tags:
      - ACME operations
      summary: Finalize Order
      externalDocs:
        description: "RFC 8555, section 7.4"
        # Text-fragment link into the RFC rather than a section anchor.
        url: "https://datatracker.ietf.org/doc/html/rfc8555#:~:text=the%20order%20resource%27s-,finalize,-URL.%0A%20%20%20The%20POST"
      operationId: finalizeOrder
      parameters:
      - name: acmeProfileName
        in: path
        description: ACME Profile name
        required: true
        schema:
          type: string
      - name: orderId
        in: path
        description: Order Id
        required: true
        schema:
          type: string
      requestBody:
        # Per RFC 8555 section 7.4 the finalize payload carries the CSR.
        # NOTE(review): the server should check that the CSR identifiers
        # match the order and that the order belongs to the signing account.
        description: Finalize Order JWS payload
        content:
          application/jose+json:
            schema:
              $ref: "#/components/schemas/CertificateFinalizeRequest"
        required: true
      responses:
        "200":
          description: Order finalized
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Order"
        "400":
          description: Bad Request
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        "404":
          description: Not Found
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/ErrorMessageDto"
        "500":
          description: Internal Server Error
        "401":
          description: Unauthorized
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        "403":
          description: Forbidden
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
      # No OpenAPI security scheme applies; authentication is the JWS in the
      # request body (RFC 8555 section 6.2), verified by the server.
      security: []
  # New order request (RFC 8555 section 7.4), by ACME Profile name.
  /v1/protocols/acme/{acmeProfileName}/new-order:
    post:
      tags:
      - ACME operations
      summary: Request new Order
      externalDocs:
        description: "RFC 8555, section 7.4"
        url: https://datatracker.ietf.org/doc/html/rfc8555#section-7.4
      operationId: newOrder
      parameters:
      - name: acmeProfileName
        in: path
        description: ACME Profile name
        required: true
        schema:
          type: string
      requestBody:
        description: New Order JWS payload
        content:
          application/jose+json:
            schema:
              $ref: "#/components/schemas/CertificateIssuanceRequest"
        required: true
      responses:
        # 201 rather than 200: the order is a newly created resource.
        # NOTE(review): no response headers (e.g. Location, Replay-Nonce)
        # are declared in this spec - confirm the server still sends them.
        "201":
          description: New Order request created
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Order"
        "400":
          description: Bad Request
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        "404":
          description: Not Found
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/ErrorMessageDto"
        "500":
          description: Internal Server Error
        "401":
          description: Unauthorized
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        "403":
          description: Forbidden
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
      # No OpenAPI security scheme applies; authentication is the JWS in the
      # request body (RFC 8555 section 6.2), verified by the server.
      security: []
  # Account creation / lookup (RFC 8555 section 7.3), by ACME Profile name.
  /v1/protocols/acme/{acmeProfileName}/new-account:
    post:
      tags:
      - ACME operations
      summary: Create Account
      externalDocs:
        description: "RFC 8555, section 7.3"
        url: https://datatracker.ietf.org/doc/html/rfc8555#section-7.3
      operationId: newAccount
      parameters:
      - name: acmeProfileName
        in: path
        description: ACME Profile name
        required: true
        schema:
          type: string
      requestBody:
        # NOTE(review): this is the entry point where a client key first
        # becomes an account, so there is no prior account to check against;
        # any admission policy has to be applied by the server.
        description: New Account JWS payload
        content:
          application/jose+json:
            schema:
              $ref: "#/components/schemas/NewAccountRequest"
        required: true
      responses:
        # Two success codes: 200 when an account already exists for the
        # request, 201 when a new one is created.
        "200":
          description: Existing Account retrieved
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Account"
        "201":
          description: New Account created
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Account"
        "400":
          description: Bad Request
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        "404":
          description: Not Found
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/ErrorMessageDto"
        "500":
          description: Internal Server Error
        "401":
          description: Unauthorized
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        "403":
          description: Forbidden
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
      # No OpenAPI security scheme applies; the request is authenticated only
      # by the JWS in the body (RFC 8555 section 6.2), verified by the server.
      security: []
  # Account key rollover (RFC 8555 section 7.3.5), by ACME Profile name.
  /v1/protocols/acme/{acmeProfileName}/key-change:
    post:
      tags:
      - ACME operations
      summary: Key Rollover
      externalDocs:
        description: "RFC 8555, section 7.3.5"
        url: https://datatracker.ietf.org/doc/html/rfc8555#section-7.3.5
      operationId: keyRollover
      parameters:
      - name: acmeProfileName
        in: path
        description: ACME Profile name
        required: true
        schema:
          type: string
      requestBody:
        # RFC 8555 section 7.3.5 nests two signatures: an outer JWS by the
        # current account key and an inner JWS by the new key. Both must be
        # verified before the account key is replaced - presumably done in
        # the server, since the spec cannot express it.
        description: Key Rollover JWS payload
        content:
          application/jose+json:
            schema:
              $ref: "#/components/schemas/KeyRollover"
        required: true
      responses:
        # NOTE(review): untyped object body here, while the raProfile variant
        # of this operation declares no 200 body - confirm which is accurate.
        "200":
          description: Account key updated
          content:
            application/json:
              schema:
                type: object
        # Returned when the new key is already in use.
        "409":
          description: Conflict. Key already exists
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        "400":
          description: Bad Request
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        "404":
          description: Not Found
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/ErrorMessageDto"
        "500":
          description: Internal Server Error
        "401":
          description: Unauthorized
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        "403":
          description: Forbidden
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
      # No OpenAPI security scheme applies; authentication is the JWS in the
      # request body (RFC 8555 section 6.2), verified by the server.
      security: []
  # Challenge response (RFC 8555 section 7.5.1), by ACME Profile name.
  /v1/protocols/acme/{acmeProfileName}/chall/{challengeId}:
    post:
      tags:
      - ACME operations
      summary: Validate Challenge
      externalDocs:
        description: "RFC 8555, section 7.5.1"
        url: https://datatracker.ietf.org/doc/html/rfc8555#section-7.5.1
      operationId: validateChallenge
      parameters:
      - name: acmeProfileName
        in: path
        description: ACME Profile name
        required: true
        schema:
          type: string
      # NOTE(review): unconstrained string identifier. The server should
      # check that the challenge belongs to the account that signed the JWS.
      - name: challengeId
        in: path
        description: Challenge Id
        required: true
        schema:
          type: string
      requestBody:
        description: Initiate Challenge validation JWS Payload
        content:
          application/jose+json:
            # Declared as a bare string, so the JWS structure is not
            # described and cannot be validated from this spec.
            schema:
              type: string
        required: true
      responses:
        # 200 means validation was started, not that it succeeded; the
        # returned Challenge presumably carries the status - confirm.
        "200":
          description: Challenge validation initiated
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Challenge"
        "400":
          description: Bad Request
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        "404":
          description: Not Found
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/ErrorMessageDto"
        "500":
          description: Internal Server Error
        "401":
          description: Unauthorized
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        "403":
          description: Forbidden
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
      # No OpenAPI security scheme applies; authentication is the JWS in the
      # request body (RFC 8555 section 6.2), verified by the server.
      security: []
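  # Certificate download (RFC 8555 section 7.4.2), by ACME Profile name.
  /v1/protocols/acme/{acmeProfileName}/cert/{certificateId}:
    post:
      tags:
      - ACME operations
      summary: Download Certificate
      externalDocs:
        description: "RFC 8555, section 7.4.2"
        url: https://datatracker.ietf.org/doc/html/rfc8555#section-7.4.2
      operationId: downloadCertificate
      parameters:
      - name: acmeProfileName
        in: path
        description: ACME Profile name
        required: true
        schema:
          type: string
      # NOTE(review): unconstrained string identifier. The server should
      # check that the certificate belongs to the account that signed the JWS.
      - name: certificateId
        in: path
        description: Certificate Id
        required: true
        schema:
          type: string
      requestBody:
        description: Download Certificate Payload
        content:
          # No schema declared for the body; presumably a POST-as-GET request
          # (RFC 8555 section 6.3) - confirm.
          application/jose+json: {}
        required: true
      responses:
        # The certificate chain is PEM text (RFC 8555 section 7.4.2), so the
        # PEM media type is declared on the success response.
        "200":
          description: Certificate content retrieved
          content:
            application/pem-certificate-chain:
              schema:
                type: string
        "400":
          description: Bad Request
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        # ErrorMessageDto is a JSON error object, declared as application/json
        # like on the sibling operations, not as a PEM chain.
        # NOTE(review): confirm the media type the controller emits on 404.
        "404":
          description: Not Found
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/ErrorMessageDto"
        "500":
          description: Internal Server Error
        "401":
          description: Unauthorized
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        "403":
          description: Forbidden
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
      # No OpenAPI security scheme applies; authentication is the JWS in the
      # request body (RFC 8555 section 6.2), verified by the server.
      security: []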
  # Authorization lookup (RFC 8555 section 7.5), by ACME Profile name.
  # The path addresses one authorization and 200 returns a single
  # Authorization object, despite the plural in the summary.
  /v1/protocols/acme/{acmeProfileName}/authz/{authorizationId}:
    post:
      tags:
      - ACME operations
      summary: Get Authorizations for an Order
      externalDocs:
        description: "RFC 8555, section 7.5"
        url: https://datatracker.ietf.org/doc/html/rfc8555#section-7.5
      operationId: getAuthorizations
      parameters:
      - name: acmeProfileName
        in: path
        description: ACME Profile name
        required: true
        schema:
          type: string
      # NOTE(review): unconstrained string identifier. The server should
      # check that the authorization belongs to the signing account.
      - name: authorizationId
        in: path
        description: Authorization Id
        required: true
        schema:
          type: string
      requestBody:
        description: Get Authorization of Order JWS Payload
        content:
          application/jose+json:
            # Declared as a bare string, so the JWS structure is not
            # described and cannot be validated from this spec.
            schema:
              type: string
        required: true
      responses:
        "200":
          description: Authorizations retrieved
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Authorization"
        "400":
          description: Bad Request
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        "404":
          description: Not Found
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/ErrorMessageDto"
        "500":
          description: Internal Server Error
        "401":
          description: Unauthorized
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        "403":
          description: Forbidden
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
      # No OpenAPI security scheme applies; authentication is the JWS in the
      # request body (RFC 8555 section 6.2), verified by the server.
      security: []
  # Account update (RFC 8555 section 7.3.2), by ACME Profile name.
  /v1/protocols/acme/{acmeProfileName}/acct/{accountId}:
    post:
      tags:
      - ACME operations
      summary: Update Account
      externalDocs:
        description: "RFC 8555, section 7.3.2"
        url: https://datatracker.ietf.org/doc/html/rfc8555#section-7.3.2
      operationId: updateAccount
      parameters:
      - name: acmeProfileName
        in: path
        description: ACME Profile name
        required: true
        schema:
          type: string
      # NOTE(review): the account is named in the URL, separately from the
      # account that signs the JWS. The server should reject a request whose
      # signing account differs from accountId - confirm in the controller.
      - name: accountId
        in: path
        description: Account ID
        required: true
        schema:
          type: string
      requestBody:
        description: Account JWS payload
        content:
          application/jose+json:
            # Reuses the account-creation schema for updates.
            # NOTE(review): confirm which fields the server accepts on update.
            schema:
              $ref: "#/components/schemas/NewAccountRequest"
        required: true
      responses:
        "200":
          description: ACME Account updated
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Account"
        "400":
          description: Bad Request
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        "404":
          description: Not Found
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/ErrorMessageDto"
        "500":
          description: Internal Server Error
        "401":
          description: Unauthorized
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        "403":
          description: Forbidden
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
      # No OpenAPI security scheme applies; authentication is the JWS in the
      # request body (RFC 8555 section 6.2), verified by the server.
      security: []
  # Certificate revocation (RFC 8555 section 7.6), addressed by RA Profile name.
  /v1/protocols/acme/raProfile/{raProfileName}/revoke-cert:
    post:
      tags:
      - ACME RA Profile
      summary: Revoke Certificate
      externalDocs:
        description: "RFC 8555, section 7.6"
        url: https://datatracker.ietf.org/doc/html/rfc8555#section-7.6
      # The "_1" suffix keeps the id distinct from the ACME Profile variant.
      operationId: revokeCertificate_1
      parameters:
      # NOTE(review): plain string, no pattern or length limit declared here;
      # validation of the profile name is left to the server.
      - name: raProfileName
        in: path
        description: RA Profile name
        required: true
        schema:
          type: string
      requestBody:
        # RFC 8555 section 7.6 lets the revocation JWS be signed either by an
        # account key or by the key pair of the certificate itself; which one
        # was used has to be decided and checked by the server.
        description: Certificate Revocation JWS payload
        content:
          application/jose+json:
            schema:
              $ref: "#/components/schemas/CertificateRevocationRequest"
        required: true
      responses:
        # Success carries no body.
        "200":
          description: Certificate revoked
        "400":
          description: Bad Request
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        "404":
          description: Not Found
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/ErrorMessageDto"
        "500":
          description: Internal Server Error
        "401":
          description: Unauthorized
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        "403":
          description: Forbidden
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
      # Empty requirement list: no OpenAPI security scheme applies. The JWS in
      # the body (RFC 8555 section 6.2) is the only authentication, so the
      # server must verify it for this route.
      security: []
  # Orders list of an account (RFC 8555 section 7.1.2.1), by RA Profile name.
  /v1/protocols/acme/raProfile/{raProfileName}/orders/{accountId}:
    post:
      tags:
      - ACME RA Profile
      summary: List Orders
      externalDocs:
        description: "RFC 8555, section 7.1.2.1"
        url: https://datatracker.ietf.org/doc/html/rfc8555#section-7.1.2.1
      operationId: listOrders_1
      parameters:
      - name: raProfileName
        in: path
        description: RA Profile name
        required: true
        schema:
          type: string
      # NOTE(review): the server should reject a request whose signing
      # account differs from the accountId named in the URL.
      - name: accountId
        in: path
        description: Account Id
        required: true
        schema:
          type: string
      requestBody:
        description: List Orders JWS Payload
        content:
          # No schema declared for the body, so spec-driven validators
          # accept any payload.
          application/jose+json: {}
        required: true
      responses:
        # NOTE(review): RFC 8555 section 7.1.2.1 describes the orders list as
        # a JSON object with an "orders" array of URLs; this schema is an
        # array of Order objects - confirm which one the server returns.
        "200":
          description: Orders list retrieved
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: "#/components/schemas/Order"
        "400":
          description: Bad Request
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        "404":
          description: Not Found
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/ErrorMessageDto"
        "500":
          description: Internal Server Error
        "401":
          description: Unauthorized
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        "403":
          description: Forbidden
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
      # No OpenAPI security scheme applies; the JWS in the request body
      # (RFC 8555 section 6.2) is the authentication, verified by the server.
      security: []
  # Single order lookup (RFC 8555 section 7.1.3), by RA Profile name.
  /v1/protocols/acme/raProfile/{raProfileName}/order/{orderId}:
    post:
      tags:
      - ACME RA Profile
      summary: Get Order details
      externalDocs:
        description: "RFC 8555, section 7.1.3"
        url: https://datatracker.ietf.org/doc/html/rfc8555#section-7.1.3
      operationId: getOrder_1
      parameters:
      - name: raProfileName
        in: path
        description: RA Profile name
        required: true
        schema:
          type: string
      # NOTE(review): the server should check that the order belongs to the
      # account that signed the JWS.
      - name: orderId
        in: path
        description: Order Id
        required: true
        schema:
          type: string
      requestBody:
        description: Get Order details payload
        content:
          # No schema declared for the body, so spec-driven validators
          # accept any payload.
          application/jose+json: {}
        required: true
      responses:
        "200":
          description: Order details retrieved
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Order"
        "400":
          description: Bad Request
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        "404":
          description: Not Found
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/ErrorMessageDto"
        "500":
          description: Internal Server Error
        "401":
          description: Unauthorized
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        "403":
          description: Forbidden
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
      # No OpenAPI security scheme applies; the JWS in the request body
      # (RFC 8555 section 6.2) is the authentication, verified by the server.
      security: []
  # Order finalization (RFC 8555 section 7.4), by RA Profile name.
  /v1/protocols/acme/raProfile/{raProfileName}/order/{orderId}/finalize:
    post:
      tags:
      - ACME RA Profile
      summary: Finalize Order
      externalDocs:
        description: "RFC 8555, section 7.4"
        # Text-fragment link into the RFC rather than a section anchor.
        url: "https://datatracker.ietf.org/doc/html/rfc8555#:~:text=the%20order%20resource%27s-,finalize,-URL.%0A%20%20%20The%20POST"
      operationId: finalizeOrder_1
      parameters:
      - name: raProfileName
        in: path
        description: RA Profile name
        required: true
        schema:
          type: string
      - name: orderId
        in: path
        description: Order Id
        required: true
        schema:
          type: string
      requestBody:
        # Per RFC 8555 section 7.4 the finalize payload carries the CSR.
        # NOTE(review): the server should check that the CSR identifiers
        # match the order and that the order belongs to the signing account.
        description: Finalize Order JWS payload
        content:
          application/jose+json:
            schema:
              $ref: "#/components/schemas/CertificateFinalizeRequest"
        required: true
      responses:
        "200":
          description: Order finalized
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Order"
        "400":
          description: Bad Request
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        "404":
          description: Not Found
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/ErrorMessageDto"
        "500":
          description: Internal Server Error
        "401":
          description: Unauthorized
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        "403":
          description: Forbidden
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
      # No OpenAPI security scheme applies; the JWS in the request body
      # (RFC 8555 section 6.2) is the authentication, verified by the server.
      security: []
  # New order request (RFC 8555 section 7.4), by RA Profile name.
  /v1/protocols/acme/raProfile/{raProfileName}/new-order:
    post:
      tags:
      - ACME RA Profile
      summary: Request new Order
      externalDocs:
        description: "RFC 8555, section 7.4"
        url: https://datatracker.ietf.org/doc/html/rfc8555#section-7.4
      operationId: newOrder_1
      parameters:
      - name: raProfileName
        in: path
        description: RA Profile name
        required: true
        schema:
          type: string
      requestBody:
        description: New Order JWS payload
        content:
          application/jose+json:
            schema:
              $ref: "#/components/schemas/CertificateIssuanceRequest"
        required: true
      responses:
        # 201 rather than 200: the order is a newly created resource.
        # NOTE(review): no response headers (e.g. Location, Replay-Nonce)
        # are declared in this spec - confirm the server still sends them.
        "201":
          description: New Order request created
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Order"
        "400":
          description: Bad Request
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        "404":
          description: Not Found
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/ErrorMessageDto"
        "500":
          description: Internal Server Error
        "401":
          description: Unauthorized
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        "403":
          description: Forbidden
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
      # No OpenAPI security scheme applies; the JWS in the request body
      # (RFC 8555 section 6.2) is the authentication, verified by the server.
      security: []
  # Account creation / lookup (RFC 8555 section 7.3), by RA Profile name.
  /v1/protocols/acme/raProfile/{raProfileName}/new-account:
    post:
      tags:
      - ACME RA Profile
      summary: Create Account
      externalDocs:
        description: "RFC 8555, section 7.3"
        url: https://datatracker.ietf.org/doc/html/rfc8555#section-7.3
      operationId: newAccount_1
      parameters:
      - name: raProfileName
        in: path
        description: RA Profile name
        required: true
        schema:
          type: string
      requestBody:
        # NOTE(review): this is the entry point where a client key first
        # becomes an account, so there is no prior account to check against;
        # any admission policy has to be applied by the server.
        description: New Account JWS payload
        content:
          application/jose+json:
            schema:
              $ref: "#/components/schemas/NewAccountRequest"
        required: true
      responses:
        # Two success codes: 200 when an account already exists for the
        # request, 201 when a new one is created.
        "200":
          description: Existing Account retrieved
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Account"
        "201":
          description: New Account created
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Account"
        "400":
          description: Bad Request
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        "404":
          description: Not Found
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/ErrorMessageDto"
        "500":
          description: Internal Server Error
        "401":
          description: Unauthorized
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        "403":
          description: Forbidden
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
      # No OpenAPI security scheme applies; the request is authenticated only
      # by the JWS in the body (RFC 8555 section 6.2), verified by the server.
      security: []
  # Account key rollover (RFC 8555 section 7.3.5), by RA Profile name.
  /v1/protocols/acme/raProfile/{raProfileName}/key-change:
    post:
      tags:
      - ACME RA Profile
      summary: Key Rollover
      externalDocs:
        description: "RFC 8555, section 7.3.5"
        url: https://datatracker.ietf.org/doc/html/rfc8555#section-7.3.5
      operationId: keyRollover_1
      parameters:
      - name: raProfileName
        in: path
        description: RA Profile name
        required: true
        schema:
          type: string
      requestBody:
        # RFC 8555 section 7.3.5 nests two signatures: an outer JWS by the
        # current account key and an inner JWS by the new key. Both must be
        # verified before the account key is replaced - presumably done in
        # the server, since the spec cannot express it.
        description: Key Rollover JWS Payload
        content:
          application/jose+json:
            schema:
              $ref: "#/components/schemas/KeyRollover"
        required: true
      responses:
        # NOTE(review): no body declared here, while the ACME Profile variant
        # of this operation declares an untyped JSON object - confirm which
        # is accurate.
        "200":
          description: Account key updated
        # Returned when the new key is already in use.
        "409":
          description: Conflict. Key already exists
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        "400":
          description: Bad Request
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        "404":
          description: Not Found
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/ErrorMessageDto"
        "500":
          description: Internal Server Error
        "401":
          description: Unauthorized
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        "403":
          description: Forbidden
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
      # No OpenAPI security scheme applies; the JWS in the request body
      # (RFC 8555 section 6.2) is the authentication, verified by the server.
      security: []
  # ACME challenge resource for an RA Profile (RFC 8555 section 7.5.1): the
  # client posts here to tell the server a challenge is ready to be validated.
  /v1/protocols/acme/raProfile/{raProfileName}/chall/{challengeId}:
    post:
      tags:
      - ACME RA Profile
      summary: Validate Challenge
      externalDocs:
        description: "RFC 8555, section 7.5.1"
        url: https://datatracker.ietf.org/doc/html/rfc8555#section-7.5.1
      operationId: validateChallenge_1
      parameters:
      - name: raProfileName
        in: path
        description: RA Profile name
        required: true
        schema:
          type: string
      # challengeId is an unconstrained string (no pattern or length limit).
      - name: challengeId
        in: path
        description: Challenge Id
        required: true
        schema:
          type: string
      requestBody:
        description: Initiate Challenge validation JWS Payload
        content:
          application/jose+json:
            # Declared as an opaque string: the JWS structure is not modelled
            # in this spec.
            schema:
              type: string
        required: true
      responses:
        # The description says validation is initiated, so the returned
        # Challenge may still be in a non-final status.
        "200":
          description: Challenge validation initiated
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Challenge"
        "400":
          description: Bad Request
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        # 404 uses application/json with ErrorMessageDto, unlike the other
        # errors, which are problem documents.
        "404":
          description: Not Found
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/ErrorMessageDto"
        "500":
          description: Internal Server Error
        "401":
          description: Unauthorized
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        "403":
          description: Forbidden
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
      # No OpenAPI security scheme applies; the request is authenticated by
      # its JWS signature (RFC 8555 section 6.2).
      security: []
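  # ACME certificate download for an RA Profile (RFC 8555 section 7.4.2).
  # Fixes the response media types: the certificate chain is what is served
  # as application/pem-certificate-chain, and the 404 error body is JSON like
  # the 404 of every sibling operation.
  /v1/protocols/acme/raProfile/{raProfileName}/cert/{certificateId}:
    post:
      tags:
      - ACME RA Profile
      summary: Download Certificate
      externalDocs:
        description: "RFC 8555, section 7.4.2"
        url: https://datatracker.ietf.org/doc/html/rfc8555#section-7.4.2
      operationId: downloadCertificate_1
      parameters:
      - name: raProfileName
        in: path
        description: RA Profile name
        required: true
        schema:
          type: string
      - name: certificateId
        in: path
        description: Certificate Id
        required: true
        schema:
          type: string
      requestBody:
        description: Download Certificate Payload
        content:
          # No schema is declared for the body; sibling operations that take a
          # bare JWS declare it as a string.
          application/jose+json: {}
        required: true
      responses:
        "200":
          description: Certificate content retrieved as file
          content:
            # PEM certificate chain, the default format of RFC 8555 section
            # 7.4.2.
            application/pem-certificate-chain:
              schema:
                type: string
        "400":
          description: Bad Request
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        "404":
          description: Not Found
          content:
            # ErrorMessageDto is a JSON object, not a PEM chain.
            application/json:
              schema:
                $ref: "#/components/schemas/ErrorMessageDto"
        "500":
          description: Internal Server Error
        "401":
          description: Unauthorized
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        "403":
          description: Forbidden
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
      # No OpenAPI security scheme applies; the request is authenticated by
      # its JWS signature (RFC 8555 section 6.2).
      security: []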
  # ACME authorization resource for an RA Profile (RFC 8555 section 7.5).
  # Despite the plural summary, the path addresses one authorization by id and
  # the 200 response carries a single Authorization object.
  /v1/protocols/acme/raProfile/{raProfileName}/authz/{authorizationId}:
    post:
      tags:
      - ACME RA Profile
      summary: Get Authorizations for an Order
      externalDocs:
        description: "RFC 8555, section 7.5"
        url: https://datatracker.ietf.org/doc/html/rfc8555#section-7.5
      operationId: getAuthorizations_1
      parameters:
      - name: raProfileName
        in: path
        description: RA Profile name
        required: true
        schema:
          type: string
      # authorizationId is an unconstrained string (no pattern or length
      # limit).
      - name: authorizationId
        in: path
        description: Authorization Id
        required: true
        schema:
          type: string
      # A read expressed as POST with a JWS body, which matches the
      # POST-as-GET pattern of RFC 8555 section 6.3.
      requestBody:
        description: Get Authorization of Order JWS Payload
        content:
          application/jose+json:
            # Declared as an opaque string: the JWS structure is not modelled
            # in this spec.
            schema:
              type: string
        required: true
      responses:
        "200":
          description: Authorizations retrieved
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Authorization"
        "400":
          description: Bad Request
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        # 404 uses application/json with ErrorMessageDto, unlike the other
        # errors, which are problem documents.
        "404":
          description: Not Found
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/ErrorMessageDto"
        "500":
          description: Internal Server Error
        "401":
          description: Unauthorized
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        "403":
          description: Forbidden
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
      # No OpenAPI security scheme applies; the request is authenticated by
      # its JWS signature (RFC 8555 section 6.2).
      security: []
  # ACME account resource for an RA Profile (RFC 8555 section 7.3.2): updates
  # an existing account identified by accountId.
  /v1/protocols/acme/raProfile/{raProfileName}/acct/{accountId}:
    post:
      tags:
      - ACME RA Profile
      summary: Update Account
      externalDocs:
        description: "RFC 8555, section 7.3.2"
        url: https://datatracker.ietf.org/doc/html/rfc8555#section-7.3.2
      operationId: updateAccount_1
      parameters:
      - name: raProfileName
        in: path
        description: RA Profile name
        required: true
        schema:
          type: string
      - name: accountId
        in: path
        description: Account ID
        required: true
        schema:
          type: string
      requestBody:
        description: Account JWS payload
        content:
          application/jose+json:
            # Reuses the account-creation payload. NewAccountRequest has no
            # status field, so account deactivation (RFC 8555 section 7.3.6)
            # is not expressible through this schema - NOTE(review): confirm
            # whether deactivation is supported.
            schema:
              $ref: "#/components/schemas/NewAccountRequest"
        required: true
      responses:
        "200":
          description: ACME Account updated
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Account"
        "400":
          description: Bad Request
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        # 404 uses application/json with ErrorMessageDto, unlike the other
        # errors, which are problem documents.
        "404":
          description: Not Found
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/ErrorMessageDto"
        "500":
          description: Internal Server Error
        "401":
          description: Unauthorized
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        "403":
          description: Forbidden
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
      # No OpenAPI security scheme applies; the request is authenticated by
      # its JWS signature (RFC 8555 section 6.2), which is also what ties the
      # caller to the account named in the path.
      security: []
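  # ACME newNonce resource for an ACME Profile (RFC 8555 section 7.2).
  # Neither success response has a body: the nonce is delivered in the
  # Replay-Nonce response header, which is now documented on both methods.
  # RFC 8555 section 7.2 also requires Cache-Control: no-store on this
  # resource - NOTE(review): confirm the server sets it and document it here.
  /v1/protocols/acme/{acmeProfileName}/new-nonce:
    get:
      tags:
      - ACME operations
      summary: New Nonce
      externalDocs:
        description: "RFC 8555, section 7.2"
        url: https://datatracker.ietf.org/doc/html/rfc8555#section-7.2
      operationId: getNonce
      parameters:
      - name: acmeProfileName
        in: path
        description: ACME Profile name
        required: true
        schema:
          type: string
      responses:
        # GET answers 204 (no content); HEAD below answers 200.
        "204":
          description: New Nonce retrieved
          headers:
            Replay-Nonce:
              description: Fresh nonce to place in the protected header of the
                next JWS request
              required: true
              schema:
                type: string
        "400":
          description: Bad Request
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        "404":
          description: Not Found
          content:
            '*/*':
              schema:
                $ref: "#/components/schemas/ErrorMessageDto"
        "500":
          description: Internal Server Error
        "401":
          description: Unauthorized
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        "403":
          description: Forbidden
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
      # Unauthenticated by design: a client needs a nonce before it can sign
      # its first request.
      security: []
    head:
      tags:
      - ACME operations
      summary: New Nonce
      externalDocs:
        description: "RFC 8555, section 7.2"
        url: https://datatracker.ietf.org/doc/html/rfc8555#section-7.2
      operationId: headNonce
      parameters:
      - name: acmeProfileName
        in: path
        description: ACME Profile name
        required: true
        schema:
          type: string
      responses:
        "200":
          description: New Nonce retrieved
          headers:
            Replay-Nonce:
              description: Fresh nonce to place in the protected header of the
                next JWS request
              required: true
              schema:
                type: string
        "400":
          description: Bad Request
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        "404":
          description: Not Found
          content:
            '*/*':
              schema:
                $ref: "#/components/schemas/ErrorMessageDto"
        "500":
          description: Internal Server Error
        "401":
          description: Unauthorized
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        "403":
          description: Forbidden
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
      # Unauthenticated by design, as for GET.
      security: []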
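  # ACME newNonce resource for an RA Profile (RFC 8555 section 7.2).
  # Neither success response has a body: the nonce is delivered in the
  # Replay-Nonce response header, which is now documented on both methods.
  # RFC 8555 section 7.2 also requires Cache-Control: no-store on this
  # resource - NOTE(review): confirm the server sets it and document it here.
  /v1/protocols/acme/raProfile/{raProfileName}/new-nonce:
    get:
      tags:
      - ACME RA Profile
      summary: New Nonce
      externalDocs:
        description: "RFC 8555, section 7.2"
        url: https://datatracker.ietf.org/doc/html/rfc8555#section-7.2
      operationId: getNonce_1
      parameters:
      - name: raProfileName
        in: path
        description: RA Profile name
        required: true
        schema:
          type: string
      responses:
        # GET answers 204 (no content); HEAD below answers 200.
        "204":
          description: New Nonce retrieved
          headers:
            Replay-Nonce:
              description: Fresh nonce to place in the protected header of the
                next JWS request
              required: true
              schema:
                type: string
        "400":
          description: Bad Request
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        "404":
          description: Not Found
          content:
            '*/*':
              schema:
                $ref: "#/components/schemas/ErrorMessageDto"
        "500":
          description: Internal Server Error
        "401":
          description: Unauthorized
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        "403":
          description: Forbidden
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
      # Unauthenticated by design: a client needs a nonce before it can sign
      # its first request.
      security: []
    head:
      tags:
      - ACME RA Profile
      summary: New Nonce
      externalDocs:
        description: "RFC 8555, section 7.2"
        url: https://datatracker.ietf.org/doc/html/rfc8555#section-7.2
      operationId: headNonce_1
      parameters:
      - name: raProfileName
        in: path
        description: RA Profile name
        required: true
        schema:
          type: string
      responses:
        "200":
          description: New Nonce retrieved
          headers:
            Replay-Nonce:
              description: Fresh nonce to place in the protected header of the
                next JWS request
              required: true
              schema:
                type: string
        "400":
          description: Bad Request
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        "404":
          description: Not Found
          content:
            '*/*':
              schema:
                $ref: "#/components/schemas/ErrorMessageDto"
        "500":
          description: Internal Server Error
        "401":
          description: Unauthorized
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        "403":
          description: Forbidden
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
      # Unauthenticated by design, as for GET.
      security: []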
  # ACME directory for an ACME Profile (RFC 8555 section 7.1.1): the entry
  # point from which a client learns the URLs of all other resources.
  /v1/protocols/acme/{acmeProfileName}/directory:
    get:
      tags:
      - ACME operations
      summary: Get Directory information
      externalDocs:
        description: "RFC 8555, section 7.1.1"
        url: https://datatracker.ietf.org/doc/html/rfc8555#section-7.1.1
      operationId: getDirectory
      parameters:
      - name: acmeProfileName
        in: path
        description: ACME Profile name
        required: true
        schema:
          type: string
      responses:
        "200":
          description: Directory information retrieved
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Directory"
        "400":
          description: Bad Request
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        # 404 uses application/json with ErrorMessageDto, unlike the other
        # errors, which are problem documents.
        "404":
          description: Not Found
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/ErrorMessageDto"
        "500":
          description: Internal Server Error
        "401":
          description: Unauthorized
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        "403":
          description: Forbidden
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
      # Plain unauthenticated GET: a client reads the directory before it has
      # an account. A 404 here reveals whether a profile name exists -
      # NOTE(review): confirm that is acceptable for the deployment.
      security: []
  # ACME directory for an RA Profile (RFC 8555 section 7.1.1): the entry point
  # from which a client learns the URLs of all other resources.
  /v1/protocols/acme/raProfile/{raProfileName}/directory:
    get:
      tags:
      - ACME RA Profile
      summary: Get Directory information
      externalDocs:
        description: "RFC 8555, section 7.1.1"
        url: https://datatracker.ietf.org/doc/html/rfc8555#section-7.1.1
      operationId: getDirectory_1
      parameters:
      - name: raProfileName
        in: path
        description: RA Profile name
        required: true
        schema:
          type: string
      responses:
        "200":
          description: Directory information retrieved
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/Directory"
        "400":
          description: Bad Request
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        # 404 uses application/json with ErrorMessageDto, unlike the other
        # errors, which are problem documents.
        "404":
          description: Not Found
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/ErrorMessageDto"
        "500":
          description: Internal Server Error
        "401":
          description: Unauthorized
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
        "403":
          description: Forbidden
          content:
            application/problem+json:
              schema:
                $ref: "#/components/schemas/ProblemDocument"
      # Plain unauthenticated GET: a client reads the directory before it has
      # an account. A 404 here reveals whether a profile name exists -
      # NOTE(review): confirm that is acceptable for the deployment.
      security: []
components:
  schemas:
    # Payload of a revoke-cert request (RFC 8555 section 7.6). Only the
    # certificate is mandatory; the reason is optional.
    CertificateRevocationRequest:
      type: object
      properties:
        certificate:
          type: string
          description: Certificate in base64url-encoded version of DER format
          examples:
          - <base64url-encoded version of the DER format>
        reason:
          type: integer
          format: int32
          description: Revocation reason code
          # CRLReason code from RFC 5280 section 5.3.1; the example value 1 is
          # keyCompromise. No minimum/maximum is declared, so range checking
          # is left to the server - TODO confirm unknown codes are rejected.
          example: 1
          externalDocs:
            description: "RFC 5280, section 5.3.1"
            url: https://datatracker.ietf.org/doc/html/rfc5280#section-5.3.1
      required:
      - certificate
    # Minimal error body with a single message string. The 404 responses in
    # this file reference it instead of ProblemDocument.
    ErrorMessageDto:
      type: object
      properties:
        message:
          type: string
          description: Error message detail
          examples:
          - Error message
      required:
      - message
    # Error body returned as application/problem+json by the ACME operations.
    ProblemDocument:
      type: object
      properties:
        type:
          type: string
          description: Type of the ACME problem
          # RFC 8555 section 6.7 defines error types as URNs under
          # urn:ietf:params:acme:error: while the example below is a bare
          # token - NOTE(review): confirm which form the server emits.
          examples:
          - notFound
        title:
          type: string
          description: ACME problem title
          examples:
          - Not Found
        detail:
          type: string
          description: ACME problem details
          examples:
          - Requested object is not found
        instance:
          type: string
          description: URL of the changes if something needs to be approved
          examples:
          - https://some-company.com/instances/changes
        # Recursive: each subproblem is itself a ProblemDocument.
        subproblems:
          type: array
          description: List of subproblems related to error
          items:
            $ref: "#/components/schemas/ProblemDocument"
        # Presumably populated when a request is rejected for its signature
        # algorithm, so the client can pick a supported one - verify against
        # the server.
        algorithms:
          type: array
          description: List of supported algorithms
          example:
          - ES256
          items:
            type: string
      # instance is mandatory here although its description reads as
      # conditional ("if something needs to be approved").
      required:
      - detail
      - instance
      - type
    # Name a certificate is requested or authorized for: a type/value pair.
    Identifier:
      type: object
      properties:
        # No enum is declared, so the schema itself does not limit identifier
        # types; "dns" is only the example.
        type:
          type: string
          description: Type of the Identifier
          examples:
          - dns
        # Unconstrained string: any validation of the name is left to the
        # server.
        value:
          type: string
          description: Value of Identifier
          examples:
          - www.some-domain.com
      required:
      - type
      - value
    # ACME Order object; only status is mandatory.
    Order:
      type: object
      properties:
        status:
          type: string
          description: Status of the Order
          enum:
          - pending
          - ready
          - processing
          - valid
          - invalid
          examples:
          - pending
        expires:
          type: string
          format: date-time
          description: Expiry time of the Order
        identifiers:
          type: array
          description: List of Order Identifiers
          items:
            $ref: "#/components/schemas/Identifier"
        notBefore:
          type: string
          format: date-time
          description: Value of notBefore field in the Certificate
        notAfter:
          type: string
          format: date-time
          description: Value of notAfter field in the Certificate
        # $ref with a sibling description, as written throughout this
        # OpenAPI 3.1 document.
        error:
          $ref: "#/components/schemas/ProblemDocument"
          description: Errors in Order
        # URLs are plain strings (no format: uri), one per authorization.
        authorizations:
          type: array
          description: List of URLs to check for Authorizations
          example:
          - https://someserver.com/api/v1/protocols/acme/authz/YT65KFut6
          items:
            type: string
        # Described as mandatory in the ready state, but not listed under
        # required, so the schema cannot enforce it.
        finalize:
          type: string
          description: URL to finalize the Order. Mandatory if the Order is in ready
            state
          examples:
          - https://someserver.com/api/v1/protocols/acme/order/YT65KFut6/finalize
        certificate:
          type: string
          description: URL to download the Certificate
          examples:
          - https://someserver.com/api/v1/protocols/acme/cert/YT65KFut6
      required:
      - status
    # Payload used to finalize an Order: carries the certificate signing
    # request and nothing else.
    CertificateFinalizeRequest:
      type: object
      properties:
        # The CSR is client-supplied; the schema only says it is a string, so
        # decoding and checking it against the Order is left to the server.
        csr:
          type: string
          description: CSR in Base64url-encoded version of the DER format
          examples:
          - <base64url-encoded version of the DER format>
      required:
      - csr
    # Payload of a new Order: the identifiers to certify plus optional
    # requested validity bounds.
    CertificateIssuanceRequest:
      type: object
      properties:
        # No minItems is declared, so an empty list passes the schema.
        identifiers:
          type: array
          description: List of Identifiers for the Order
          items:
            $ref: "#/components/schemas/Identifier"
        # notBefore/notAfter are requests from the client, not guarantees.
        notBefore:
          type: string
          format: date-time
          description: Requested value of notBefore field in the certificate
        notAfter:
          type: string
          format: date-time
          description: Requested value of notAfter field in the certificate
      required:
      - identifiers
    # Payload for creating an account (new-account) and, in this spec, also
    # for updating one (acct/{accountId}). No property is required by the
    # schema; the descriptions say the ACME Profile may require some.
    # There is no externalAccountBinding property although DirectoryMeta
    # exposes externalAccountRequired - NOTE(review): confirm whether external
    # account binding is supported.
    NewAccountRequest:
      type: object
      properties:
        contact:
          type: array
          description: List of contacts for the Account. Required if the required
            flag is set in ACME Profile
          example:
          - mailto:someadmin@domain.com
          items:
            type: string
        termsOfServiceAgreed:
          type: boolean
          description: "Terms of Service agreed flag. true = Yes, false = No. Required\
            \ if the required flag is set in ACME Profile"
          example: false
        # When true the request is a lookup only; default is false.
        onlyReturnExisting:
          type: boolean
          default: false
          description: Return existing Account only flag
          example: false
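    # ACME Account object returned by the account operations; status and
    # orders are mandatory.
    Account:
      type: object
      properties:
        status:
          $ref: "#/components/schemas/AccountStatus"
          description: Status of the ACME Account
          examples:
          - valid
        contact:
          type: array
          description: List of contacts for ACME Account
          example:
          - mailto:someadmin@domain.com
          items:
            type: string
        termsOfServiceAgreed:
          type: boolean
          description: "Terms of Service agreed flag. Yes = true, No = false"
          example: true
        orders:
          type: string
          description: URL to get the list of Orders for the Account
          # Example uses https: RFC 8555 section 6.1 requires ACME traffic to
          # run over HTTPS, so a plain-http sample URL would mislead readers.
          examples:
          - https://some-server.com/acme/orders/JHJGfgf34s
      required:
      - orders
      - status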
    # Lifecycle states of an ACME Account; referenced by Account.status.
    AccountStatus:
      type: string
      enum:
      - valid
      - deactivated
      - revoked
    # Payload of the key-change operation: names the account and its current
    # key. Both fields are mandatory.
    KeyRollover:
      type: object
      properties:
        account:
          type: string
          description: Account URL
          examples:
          - https://example.com/v1/protocols/acme/acct/evOfKhNU60wg
        # Typed as a string here; RFC 8555 section 7.3.5 defines oldKey as a
        # JWK object - NOTE(review): confirm the encoding the server expects.
        oldKey:
          type: string
          description: Old key of the Account
          examples:
          - <Account old key content>
      required:
      - account
      - oldKey
    # ACME Challenge object: one way for the client to prove control of an
    # identifier.
    Challenge:
      type: object
      properties:
        # Only these two validation methods are accepted by the schema.
        type:
          type: string
          description: Type of Challenge
          enum:
          - http-01
          - dns-01
          examples:
          - dns-01
        url:
          type: string
          description: URL to which the response can be posted after the client completes
            the Challenge
          examples:
          - https://some-server.com/api/v1/protocols/acme/chall/JHjhrt&6hf
        status:
          type: string
          description: Challenge status
          enum:
          - pending
          - valid
          - invalid
          - processing
        validated:
          type: string
          format: date-time
          description: Timestamp at which the Challenge is validated
        error:
          $ref: "#/components/schemas/ProblemDocument"
          description: Errors in Challenge validation
        # RFC 8555 section 8 requires the token to carry at least 128 bits of
        # entropy; how it is generated is not visible in this spec.
        token:
          type: string
          description: Token for the Challenge
          examples:
          - JGuyIUgkRGFYTER658ykjfYFur76fkFitur7FGHRiytrkfIruFF
      required:
      - status
      - token
      - type
      - url
    # ACME Authorization object: the server's record of whether an account may
    # act for one identifier, with the challenges that can prove it.
    Authorization:
      type: object
      properties:
        identifier:
          $ref: "#/components/schemas/Identifier"
          description: ACME Identifier
        status:
          type: string
          description: ACME Authorization status
          enum:
          - pending
          - valid
          - invalid
          - deactivated
          - expired
          - revoked
          examples:
          - pending
        # Optional in this schema (not listed under required).
        expires:
          type: string
          format: date-time
          description: Expiry of Authorization
        challenges:
          type: array
          description: List of Challenges for the client to complete
          items:
            $ref: "#/components/schemas/Challenge"
        wildcard:
          type: boolean
          description: Is wildcard certificate
          example: false
      required:
      - identifier
      - status
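    # ACME Directory object: the URL of every top-level resource plus server
    # metadata. All properties are mandatory.
    # Example URLs use https: RFC 8555 section 6.1 requires ACME traffic to
    # run over HTTPS, so plain-http sample URLs would mislead readers.
    Directory:
      type: object
      properties:
        newNonce:
          type: string
          description: URL to get new Nonce
          examples:
          - https://some-server.com/v1/protocols/acme/new-nonce
        newAccount:
          type: string
          description: URL for the new Account
          examples:
          - https://some-server.com/v1/protocols/acme/new-account
        newOrder:
          type: string
          description: URL for the new Order
          examples:
          - https://some-server.com/v1/protocols/acme/new-order
        newAuthz:
          type: string
          description: URL for the new Authorization
          examples:
          - https://some-server.com/v1/protocols/acme/new-authz
        revokeCert:
          type: string
          description: URL for revoking a certificate
          examples:
          - https://some-server.com/v1/protocols/acme/revoke-cert
        keyChange:
          type: string
          # Leading space removed from the description text.
          description: URL for changing the key of an Account
          examples:
          - https://some-server.com/v1/protocols/acme/key-change
        meta:
          $ref: "#/components/schemas/DirectoryMeta"
          description: Metadata for the Directory object
      required:
      - keyChange
      - meta
      - newAccount
      - newAuthz
      - newNonce
      - newOrder
      - revokeCert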
    # Metadata block of the Directory object; no property is required.
    DirectoryMeta:
      type: object
      properties:
        termsOfService:
          type: string
          description: Terms of Service URL
          examples:
          - https://sample-url.com/termsOfService
        website:
          type: string
          description: Website URL
          examples:
          - https://sample-company.com
        # Tells clients whether new-account requests must carry an external
        # account binding; defaults to false.
        externalAccountRequired:
          type: boolean
          default: false
          description: External Account Binding flag
        # In RFC 8555 section 7.1.1 these are the hostnames the server
        # recognises as itself when checking CAA records.
        caaIdentities:
          type: array
          description: Array of CAA record validation servers
          example:
          - example1.com
          - example2.com
          items:
            type: string
