Document toolboxDocument toolbox

Nexus Documentation
CURL vulnerability information (CVE-2023-38545) - Nexus awareness advisory on Microsoft's update KB5014754

Fetch certificates via REST API

Owned by Ylva Andersson
Last updated: Sept 26, 2024Version comment
2 min read

This article describes how an Operator fetches a single certificate via a REST API in the Workplace package in Smart ID Identity Manager.

Prerequisites

  • Usage of an external tool (for example Postman) to make the request towards Identity Manager

  • Known credentials to authorize towards the REST API endpoint

Step-by-step instruction

  1. To initiate the process, you must send a POST request to search for a certificate using the provided serial number.
    In the table below you will find the details about how to configure the POST request:

URL

URL

<host>/ws/processes/WorkplacelAPIProcGetCertificateData/startGetDataAndExecute/WorkplaceTaskDisplayCertificateData?tenantId=1&maxAttempts=10&interval=150

Headers

Content-Type

application/xml

Body

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<data>
<field name="PcmDpCertificate_CertSerial">12345ABCDE</field>
</data>

Authorization

username

password

XXX

XXX

As shown in the example in the table, the process is triggered to search for a certificate with the serial number 12345ABCDE. Below you will see the result (shortened version)

<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <data>     <field name="Device_CreationDate" type="DATE">2020-11-05T16:26:08.139+01:00</field>     <field name="PcmDpCertificate_ValidFrom" type="DATE">2020-11-05T16:26:50+01:00</field>     <field name="Device_commonName" type="STRING">xyz</field>     <field name="executeSearchResultCount" type="STRING">1</field>     <field name="Meta_CoreObjectState_PcmDpCertificate" type="STRING">certExpired</field>     <field name="PcmDpCertificate_ModificationDate" type="DATE">2022-11-11T07:55:02.582+01:00</field>     <field name="PcmDpCertificate_searchString" type="STRING"></field>     <field name="Device_EnrolmentProtocol" type="STRING">CSR</field>     <field name="Meta_CoreTemplateName_PcmDpCertificate" type="STRING">LPLServerandServicetechnicalAuthenticationP10EE</field>     <field name="PcmDpCertificate_CreationDate" type="DATE">2020-11-05T16:26:50.754+01:00</field>

After locating the certificate using the provided serial number, it is verified whether there is an associated device. If such a relationship exists, the device's data will also be included in the result.

For the case of not finding any results, the output looks like this:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <data>     <field name="executeSearchResultCount" type="STRING">0</field>     <field name="PcmDpCertificate_CertSerial" type="STRING">14281d87e1be2f5a39bb255f37b765f68</field>     <field name="timeoutDuration" type="STRING">PT2H</field>     <field name="CoreObjectDescriptorList" type="STRING">[]</field> </data>

executeSearchResultCount reflects the number of results of the query.

Use case details

Overview and technical details

Use case description

As an operator, I want to fetch a single certificate via REST API

Outcome

Fetched certificate data with related device (in case of existing relation)

Symbolic name

WorkplacelAPIProcGetCertificateData

Process name

Fetch certificate

Component

Identity Manager Operator

Process start

External tool

Related information

Copyright 2024 Technology Nexus Secured Business Solutions AB. All rights reserved.
Contact Nexus | https://www.nexusgroup.com | Disclaimer | Terms & Conditions