-
Notifications
You must be signed in to change notification settings - Fork 1.1k
/
intro.txt
52 lines (41 loc) · 1.82 KB
/
intro.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
INTRODUCTION TO THE CFSSL API
The CFSSL API allows applications to access the functionality of CFSSL
over an unauthenticated HTTP connection. By default, the API is
unauthenticated, it is important to understand that the CFSSL API
server must be running in a trusted environment in this case.
There are currently thirteen endpoints, each of which may be found under
the path `/api/v1/cfssl/<endpoint>`. The documentation for each
endpoint is found in the `doc/api` directory in the project source
under the name `endpoint_<endpoint>`. These thirteen endpoints are:
- authsign: authenticated signing endpoint
- bundle: build certificate bundles
- certinfo: lookup a certificate's info
- crl: generates a CRL out of the certificate DB
- health: return health status
- info: obtain information about the CA, including the CA
certificate
- init_ca: initialise a new certificate authority
- newcert: generate a new private key and certificate
- newkey: generate a new private key and certificate signing
request
- revoke: revoke a certificate
- scan: scan servers to determine the quality of their TLS set up
- scaninfo: list options for scanning
- sign: sign a certificate
RESPONSES
Responses take the form of the new CloudFlare API response format:
{
"result": <some data>,
"success": true,
"errors": [],
"messages": [],
}
Both the "messages" and "errors" fields have the same general format:
a message or error has the form
{
"code:" 1234,
"message": "Informative message."
}
If "success" is not "true", the result should be discarded, and the
errors examined to determine what happened. The CFSSL error codes are
documented in the `doc/errors.txt` file in the project source.