CertVault API (2.6.0)
Download OpenAPI specification:
CertVault RESTful API Doc
CertVault Self-Signed SSL Certificate Management Platform.
Login
User login
Request Body schema: application/jsonrequired
Login entity
| username required | string User account(can be username or email) |
| password required | string Password of the user |
Responses
Request samples
- Payload
Content type
application/json
{- "username": "testadmin",
- "password": 123456
}Response samples
- 200
- 444
Content type
application/json
{- "code": "200",
- "msg": "Success",
- "data": {
- "username": "john.doe",
- "displayName": "John Doe",
- "email": "john.doe@example.com",
- "role": 2,
- "isPasswordInitialized": true
}, - "timestamp": "2025-03-19T01:38:31+08:00"
}Response samples
- 200
- 204
Content type
application/json
{- "code": 200,
- "msg": "OIDC Enabled",
- "data": [
- {
- "provider": "oidc",
- "displayName": "OpenID Connect",
- "logo": "data:image/svg+xml;base64,PD94bWwgdmVyc2lvbj0iMS4wIiA/PjwhRE9DVFlQRSBzdmcgIFBVQkxJQyAnLS8vVzNDLy9EVEQgU1ZHIDEuMS8vRU4nICAnaHR0cDovL3d3dy53My5vcmcvR3JhcGhpY3MvU1ZHLzEuMS9EVEQvc3ZnMTEuZHRkJz48c3ZnIGhlaWdodD0iNTEycHgiIHN0eWxlPSJlbmFibGUtYmFja2dyb3VuZDpuZXcgMCAwIDUxMiA1MTI7IiB2ZXJzaW9uPSIxLjEiIHZpZXdCb3g9IjAgMCA1MTIgNTEyIiB3aWR0aD0iNTEycHgiIHhtbDpzcGFjZT0icHJlc2VydmUiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgeG1sbnM6eGxpbms9Imh0dHA6Ly93d3cudzMub3JnLzE5OTkveGxpbmsiPjxnIGlkPSJfeDMyXzM5LW9wZW5pZCI+PGc+PHBhdGggZD0iTTIzNC44NDksNDE5djYuNjIzYy03OS4yNjgtOS45NTgtMTM5LjMzNC01My4zOTMtMTM5LjMzNC0xMDUuNzU3ICAgIGMwLTM5LjMxMywzMy44NzMtNzMuNTk1LDg0LjQ4NS05Mi41MTFMMTc4LjAyMywxODBDODguODkyLDIwMi40OTcsMjYuMDAxLDI1Ni42MDcsMjYuMDAxLDMxOS44NjYgICAgYzAsNzYuMjg4LDkwLjg3MSwxMzkuMTI4LDIwOC45NSwxNDkuNzA1bDAuMDE4LTAuMDA5VjQxOUgyMzQuODQ5eiIgc3R5bGU9ImZpbGw6I0IyQjJCMjsiLz48cG9seWdvbiBwb2ludHM9IjMwNC43NzIsNDM2LjcxMyAzMDQuNjcsNDM2LjcxMyAzMDQuNjcsMjIxLjY2NyAzMDQuNjcsMjEzLjY2NyAzMDQuNjcsNDIuNDI5ICAgICAyMzQuODQ5LDc4LjI1IDIzNC44NDksMjIxLjY2NyAyMzQuOTY5LDIyMS42NjcgMjM0Ljk2OSw0NjkuNTYzICAgIiBzdHlsZT0iZmlsbDojRjc5MzFFOyIvPjxwYXRoIGQ9Ik00ODUuOTk5LDI5MS45MzhsLTkuNDQ2LTEwMC4xMTRsLTM1LjkzOCwyMC4zMzFDNDE1LjA4NywxOTYuNjQ5LDM4Mi41LDE3Ny41LDM0MCwxNzcuMjYxICAgIGwwLjAwMiwzNi40MDZ2Ny40OThjMy41MDIsMC45NjgsNi45MjMsMi4wMjQsMTAuMzAxLDMuMTI1YzE0LjE0NSw0LjYxMSwyNy4xNzYsMTAuMzUyLDM4LjY2NiwxNy4xMjhsLTM3Ljc4NiwyMS4yNTQgICAgTDQ4NS45OTksMjkxLjkzOHoiIHN0eWxlPSJmaWxsOiNCMkIyQjI7Ii8+PC9nPjwvZz48ZyBpZD0iTGF5ZXJfMSIvPjwvc3ZnPg=="
}
], - "timestamp": "2025-03-29T00:59:00.06971"
}OIDC Callback
OpenID Connect IdP Login Success Callback Endpoint
query Parameters
| code required | string Example: code=c1ds5v1... OpenID Connect IdP Response JWT Code |
| state required | string Example: state=s1ds5v1... OpenID Connect IdP Response State |
Responses
Response samples
- 204
- 302
- 444
Content type
application/json
{- "code": 204,
- "msg": "OIDC Disabled",
- "data": null,
- "timestamp": "2025-03-29T00:59:00+08:00"
}OIDC Callback
OpenID Connect IdP Login Success Callback Endpoint
path Parameters
| provider required | string OIDC provider |
query Parameters
| code required | string Example: code=c1ds5v1... OpenID Connect IdP Response JWT Code |
| state required | string Example: state=s1ds5v1... OpenID Connect IdP Response State |
Responses
Response samples
- 204
- 302
- 444
Content type
application/json
{- "code": 204,
- "msg": "OIDC Disabled",
- "data": null,
- "timestamp": "2025-03-29T00:59:00+08:00"
}Renew Certificate
Renew the SSL certificate
path Parameters
| uuid required | string Example: 3885be11-4084-4538-9fa0-70ffe4c4cbe0 SSL certificate UUID |
Request Body schema: application/jsonrequired
New expiry
any (JsonNode)
Responses
Request samples
- Payload
Content type
application/json
{- "expiry": 365
}Response samples
- 200
- 401
- 403
- 404
- 444
Content type
application/json
{- "code": 200,
- "message": "Success",
- "data": {
- "uuid": "2f2d63a8-b29c-4404-ae10-81f5ff023a69",
- "algorithm": "RSA",
- "keySize": 2048,
- "privkey": null,
- "cert": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk...",
- "caUuid": "3885be11-4084-4538-9fa0-70ffe4c4cbe0",
- "notBefore": "2025-03-22T23:05:54+08:00",
- "notAfter": "2035-03-20T23:05:54+08:00",
- "comment": "CertVault Website SSL Certificate"
}
}Delete Certificate
Delete the SSL certificate
path Parameters
| uuid required | string Example: 3885be11-4084-4538-9fa0-70ffe4c4cbe0 SSL certificate UUID |
Responses
Response samples
- 200
- 401
- 403
- 404
- 444
Content type
application/json
{- "code": 200,
- "msg": "Success",
- "data": null,
- "timestamp": "2025-04-04T16:16:02+08:00"
}Get User Certificate List
Retrieve all certificate information for the user (paged retrieval)
query Parameters
| keyword | string Example: keyword=72267ce5-e94a-4cdb-b35b-63f1f385b253 Search keywords (Can be UUID, comments) |
| page | integer <int32> Default: 1 Example: page=1 Page number |
| limit | integer <int32> Default: 10 Example: limit=10 Page limit |
| orderBy | string Example: orderBy=username Order by field |
| isAsc | boolean Default: true Example: isAsc=true Ascending or descending |
Responses
Response samples
- 200
- 204
- 401
- 404
Content type
application/json
{- "code": "200",
- "msg": "Success",
- "data": {
- "total": "100",
- "list": [
- {
- "uuid": "72267ce5-e94a-4cdb-b35b-63f1f385b253",
- "caUuid": "3885be11-4084-4538-9fa0-70ffe4c4cbe0",
- "algorithm": "RSA",
- "keySize": 2048,
- "owner": "gregPerlinLi",
- "comment": "Cert Vault SSL Certificate",
- "notBefore": "2025-03-19T01:38:31+08:00",
- "notAfter": "2025-06-17T01:38:31+08:00",
- "createdAt": "2025-03-19T01:38:31+08:00",
- "modifiedAt": "2025-03-19T01:38:31+08:00"
}
]
}, - "timestamp": "2025-03-19T01:38:31+08:00"
}Request Certificate
Request a new SSL certificate
Request Body schema: application/jsonrequired
Request certificate entity
| caUuid | string CA UUID |
| allowSubCa | boolean Whether to allow sub-CA |
| algorithm | string Algorithm (Can be RSA, EC, Ed25519) |
| keySize | integer <int32> Key Size |
| country required | string Country |
| province required | string Province |
| city required | string City |
| organization required | string Organization |
| organizationalUnit required | string Organizational Unit |
| commonName required | string Common Name |
| expiry required | integer <int32> Expiry (day) |
Array of objects (SubjectAltName) Subject Alternative Name | |
| comment | string Comment |
Responses
Request samples
- Payload
Content type
application/json
{- "caUuid": "3885be11-4084-4538-9fa0-70ffe4c4cbe0",
- "allowSubCa": true,
- "algorithm": "RSA",
- "keySize": 2048,
- "country": "CN",
- "province": "Guangdong",
- "city": "Canton",
- "organization": "GregPerlinLi",
- "organizationalUnit": "Cert Vault",
- "commonName": "a.b.c",
- "expiry": 30,
- "subjectAltNames": [
- {
- "type": "DNS_NAME",
- "value": "a.b.c"
}, - {
- "type": "IP_ADDRESS",
- "value": "10.18.0.1"
},
], - "comment": "CertVault SSL Certificate"
}Response samples
- 200
- 401
- 403
- 404
- 444
Content type
application/json
{- "code": 200,
- "message": "Success",
- "data": {
- "uuid": "2f2d63a8-b29c-4404-ae10-81f5ff023a69",
- "algorithm": "RSA",
- "keySize": 2048,
- "privkey": "LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV2Z0lCQU...",
- "cert": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk...",
- "caUuid": "3885be11-4084-4538-9fa0-70ffe4c4cbe0",
- "notBefore": "2025-03-22T23:05:54+08:00",
- "notAfter": "2035-03-20T23:05:54+08:00",
- "comment": "CertVault Website SSL Certificate"
}
}Get SSL Certificate Private Key
Retrieve the private key of the SSL certificate (Need user password verify)
path Parameters
| uuid required | string Example: 3885be11-4084-4538-9fa0-70ffe4c4cbe0 SSL certificate UUID |
Request Body schema: application/jsonrequired
Confirm password
any (JsonNode)
Responses
Request samples
- Payload
Content type
application/json
{- "password": "123456"
}Response samples
- 200
- 204
- 401
- 403
- 404
- 444
Content type
application/json
{- "code": "200",
- "msg": "Success",
- "data": "string",
- "timestamp": "2025-03-19T01:38:31+08:00"
}Analyze Private Key
Private key parser, used for parsing private key information
Request Body schema: application/jsonrequired
Private key Base64
any (JsonNode)
Responses
Request samples
- Payload
Content type
application/json
{- "privkey": "MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC1GAQWvotGCPu1QAB14hzKF5C2bc9WRecF..."
}Response samples
- 200
- 401
Content type
application/json
{- "code": "200",
- "msg": "Success",
- "data": {
- "algorithm": "RSA",
- "encoded": "MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC1GAQWvotGCPu1QAB14hzKF5C2bc9WRecF...",
- "format": "PKCS#8",
- "params": null,
- "privkey": {
- "modulus": "228609759160589102334607729602696527515026450133506517096342257090026912981548985018...",
- "prime": {
- "p": "153760461261178965010117263539283481275456885011494138046055221948725869202108767925782429...",
- "q": "148679158013366268620605192719915250915997392432944427360405967071016077019192990038738873...",
- "exponentP": "15860059479768219531995555205846412460474061105599895832756050786172496083224060777549921...",
- "exponentQ": "70091570654454189775275310653134894674773874858602789687155389453684372424508088869445904..."
}, - "privateExponent": "3299540277858327843787562009722609295153325895010205143986299967674084211807790788851983...",
- "publicExponent": "65537",
- "coefficient": "132134676487591500472106038450127896519064821839151815733859424292775374431869116103238791..."
}
}, - "timestamp": "2025-03-19T01:38:31+08:00"
}Convert PEM to PFX(PKCS12)
Convert PEM format certificate and private key to PFX(PKCS12) format
Request Body schema: application/jsonrequired
Certificate Base64
any (JsonNode)
Responses
Request samples
- Payload
Content type
application/json
{- "cert": "MIIB+zCCAVigAwIBAgIQJz+JlZg97kbB6ZnzUfe8pYDANBgk...",
- "privkey": "LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV2Z0lCQU...",
- "password": "password"
}Response samples
- 200
- 401
- 422
Content type
application/json
{- "code": "200",
- "msg": "Success",
- "data": "string",
- "timestamp": "2025-03-19T01:38:31+08:00"
}Convert PEM to DER
Convert PEM format certificate and private key to DER format
Request Body schema: application/jsonrequired
Base64 encoded Certificate and Private Key Information
| cert required | string Certificate with BASE64 encoding |
| privkey | string Private key with BASE64 encoding |
Responses
Request samples
- Payload
Content type
application/json
{- "cert": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUV2QUl...",
- "privkey": "LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV2QUl..."
}Response samples
- 200
- 401
- 422
Content type
application/json
{- "code": "200",
- "msg": "Success",
- "data": {
- "cert": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUV2QUl...",
- "privkey": "LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV2QUl..."
}, - "timestamp": "2025-03-19T01:38:31+08:00"
}Convert DER to PEM
Convert DER format certificate and private key to PEM format
Request Body schema: application/jsonrequired
Base64 encoded Certificate and Private Key Information
| cert required | string Certificate with BASE64 encoding |
| privkey | string Private key with BASE64 encoding |
Responses
Request samples
- Payload
Content type
application/json
{- "cert": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUV2QUl...",
- "privkey": "LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV2QUl..."
}Response samples
- 200
- 401
- 422
Content type
application/json
{- "code": "200",
- "msg": "Success",
- "data": {
- "cert": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUV2QUl...",
- "privkey": "LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV2QUl..."
}, - "timestamp": "2025-03-19T01:38:31+08:00"
}Analyze Certificate
Certificate parser, used for parsing certificate information
Request Body schema: application/jsonrequired
Certificate Base64
any (JsonNode)
Responses
Request samples
- Payload
Content type
application/json
{- "cert": "MIIB+zCCAVigAwIBAgIQJz+JlZg97kbB6ZnzUfe8pYDANBgk..."
}Response samples
- 200
- 401
Content type
application/json
{- "code": "200",
- "msg": "Success",
- "data": {
- "subject": "C=CN,ST=Guangdong,L=Canton,O=GregPerlinLi,OU=CertVault,CN=a.b.c,E=test@example.com",
- "issuer": "C=CN,ST=Guangdong,L=Canton,O=GregPerlinLi,OU=CertVault,CN=CertVault,E=test@example.com",
- "notBefore": "2025-03-16T17:47:31+08:00",
- "notAfter": "2025-04-15T17:47:31+08:00",
- "serialNumber": "270437134803127796822084897079779361349",
- "publicKey": {
- "modulus": "27228785212927428737771860203521436191416421175100205454382431265594855967985632309468958148378247733975427437215287450921497030089159042637171587909338104950951468346622011497774866599914499772913232124067048957473507324932111466579075770019006239562097950887578380380351965073168545804309746900931657224661678530372714410855922734561728488370891868763766725189024112843185736499314827869994102612012859480648578770392684920448854880316939200542419448930131201774453139638113733093803960821686343047917906589960134274152756270862641854968301124244102646389827505217344218437902984794140086188049888289041283304310827",
- "publicExponent": "65537",
- "encoded": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA17GK+JlZg97kbB6ZnzUfe8pYBO5qScuo/zKGXe6RCBxcps6GrTsagc9BPCpCpfs0GirzAevxHqrK4doC0B3ZHePmXVinZp7f+6oNL93+1FFqkkT+JcSJQpnxR6dluhPfFtJbNErn1QNKdlYq+kwp/tmBWKOzYM0EdTpYd8qit6lXr9fHWU5C+qHIPxIdurOZBi+tRrBYF5bRusIM3C7bVgX1Lm8Dqvvbeelsdz18sgAgCFo41NiJWW1thqo3MhdLEfINhaOhkftYFuu12ajfAmMJgguJ8ADCCpGR22nlxtIsMvKXpzd/PCMhm83W1MWWRZr2RSAS0oYGD5AndEbIKwIDAQAB",
- "format": "X.509",
- "algorithm": "RSA",
- "params": null
}, - "extensions": {
- "2.5.29.17": "SAN: DNS: a.b.c, IP: 10.18.0.1, Email: test@example.com, URI: https://a.b.c",
- "2.5.29.15": "KeyUsage: Digital Signature, Key Encipherment",
- "2.5.29.37": "EKU: org.bouncycastle.asn1.x509.ExtendedKeyUsage@7a9e2c00"
}
}, - "timestamp": "2025-03-19T01:38:31+08:00"
}Response samples
- 200
- 401
- 404
- 422
Content type
application/json
{- "code": "200",
- "msg": "Success",
- "data": {
- "username": "john.doe",
- "displayName": "John Doe",
- "email": "john.doe@example.com",
- "role": 2,
- "isPasswordInitialized": true
}, - "timestamp": "2025-03-19T01:38:31+08:00"
}Update User Profile
Update user's own personal information Write the specific part that needs to be modified, do not include any part that does not need to be changed in the body (including keys and values).
Request Body schema: application/jsonrequired
Update user profile entity
| displayName required | string Display name of the user |
| email required | string Email of the user |
| oldPassword required | string Old password of the user |
| newPassword required | string New password of the user |
Responses
Request samples
- Payload
Content type
application/json
{- "displayName": "John Doe",
- "email": "john.doe@example.com",
- "oldPassword": "oldPass123",
- "newPassword": "newPass456"
}Response samples
- 200
- 401
- 404
- 422
- 444
Content type
application/json
{- "code": 200,
- "msg": "Success",
- "data": null,
- "timestamp": "2025-04-04T16:16:02+08:00"
}Update Certificate Comment
Update the comment of the certificate
path Parameters
| uuid required | string Example: 3885be11-4084-4538-9fa0-70ffe4c4cbe0 SSL certificate UUID |
Request Body schema: application/jsonrequired
Update comment
any (JsonNode)
Responses
Request samples
- Payload
Content type
application/json
{- "comment": "New comment of the cert"
}Response samples
- 200
- 401
- 403
- 404
- 444
Content type
application/json
{- "code": 200,
- "msg": "Success",
- "data": null,
- "timestamp": "2025-04-04T16:16:02+08:00"
}Get User Login Records
Retrieve user's own login records (paged retrieval)
query Parameters
| status | integer <int32> Default: -1 Example: status=-1 Login status (-1: all, 0: offline, 1:online) |
| page | integer <int32> Default: 1 Example: page=1 Page number |
| limit | integer <int32> Default: 10 Example: limit=10 Page limit |
| orderBy | string Example: orderBy=username Order by field |
| isAsc | boolean Default: true Example: isAsc=true Ascending or descending |
Responses
Response samples
- 200
- 204
- 401
- 404
Content type
application/json
{- "code": "200",
- "msg": "Success",
- "data": {
- "total": "100",
- "list": [
- {
- "uuid": 1234567890,
- "username": "gregPerlinLi",
- "ipAddress": "10.18.0.1",
- "region": "China",
- "province": "Guangdong",
- "city": "Canton",
- "browser": "Chrome",
- "os": "Windows 10",
- "platform": "Windows",
- "loginTime": "2025-04-05T20:34:00+08:00",
- "isOnline": true,
- "isCurrentSession": false
}
]
}, - "timestamp": "2025-03-19T01:38:31+08:00"
}Get SSL Certificate
Retrieve the SSL certificate allocated to the user
path Parameters
| uuid required | string Example: 3885be11-4084-4538-9fa0-70ffe4c4cbe0 SSL certificate UUID |
query Parameters
| isChain | boolean Default: false Example: isChain=true Whether to get the certificate chain |
| needRootCa | boolean Default: true Example: needRootCa=true Whether to get the root CA certificate in the chain |
Responses
Response samples
- 200
- 204
- 401
- 403
- 404
Content type
application/json
{- "code": "200",
- "msg": "Success",
- "data": "string",
- "timestamp": "2025-03-19T01:38:31+08:00"
}Get User CA List
Retrieve all CA information bound to your own account (paged retrieval)
query Parameters
| keyword | string Example: keyword=3885be11-4084-4538-9fa0-70ffe4c4cbe0 Search keywords (Can be UUID, comments) |
| page | integer <int32> Default: 1 Example: page=1 Page number |
| limit | integer <int32> Default: 10 Example: limit=10 Page limit |
| orderBy | string Example: orderBy=username Order by field |
| isAsc | boolean Default: true Example: isAsc=true Ascending or descending |
Responses
Response samples
- 200
- 204
- 401
- 404
Content type
application/json
{- "code": "200",
- "msg": "Success",
- "data": {
- "total": "100",
- "list": [
- {
- "uuid": "3885be11-4084-4538-9fa0-70ffe4c4cbe0",
- "algorithm": "RSA",
- "keySize": 2048,
- "owner": "gregPerlinLi",
- "parentCa": "3885be11-4084-4538-9fa0-70ffe4c4cbe0",
- "allowSubCa": true,
- "comment": "Cert Vault Default Intermediate Certificate Authority",
- "available": true,
- "notBefore": "2025-03-23T10:14:45+08:00",
- "notAfter": "2035-03-21T10:14:45+08:00",
- "createdAt": "2025-03-18T11:10:14+08:00",
- "modifiedAt": "2025-03-23T10:14:45+08:00"
}
]
}, - "timestamp": "2025-03-19T01:38:31+08:00"
}Get CA Certificate
Obtain the CA certificate allocated to the user
path Parameters
| uuid required | string Example: 3885be11-4084-4538-9fa0-70ffe4c4cbe0 CA UUID |
query Parameters
| isChain | boolean Default: false Example: isChain=true Whether to get the certificate chain |
| needRootCa | boolean Default: true Example: needRootCa=true Whether to get the root CA certificate in the chain |
Responses
Response samples
- 200
- 204
- 401
- 403
- 404
Content type
application/json
{- "code": "200",
- "msg": "Success",
- "data": "string",
- "timestamp": "2025-03-19T01:38:31+08:00"
}Delete users
Batch delete users
Request Body schema: application/jsonrequired
Username list of the users to be deleted
Array
string
Responses
Request samples
- Payload
Content type
application/json
[- "string"
]Response samples
- 200
- 401
- 403
- 404
- 422
- 444
Content type
application/json
{- "code": 200,
- "msg": "Success",
- "data": null,
- "timestamp": "2025-04-04T16:16:02+08:00"
}Create users
Create multiple new users (i.e., import users)
Request Body schema: application/jsonrequired
List of create user entities
Array
| username required | string Username of the user |
| displayName required | string Display name of the user |
| email required | string Email address of the user |
| password required | string Password of the user |
| role required | integer <int32> Role of the user (1: User, 2: Admin, 3: Superadmin) |
Responses
Request samples
- Payload
Content type
application/json
[- {
- "username": "hello",
- "displayName": "Hello Admin",
- "email": "k8qscp.k65@yahoo.com.cn",
- "password": 1234567890,
- "role": 2
}
]Response samples
- 200
- 401
- 403
- 422
- 444
Content type
application/json
{- "code": 200,
- "msg": "Success",
- "data": null,
- "timestamp": "2025-04-04T16:16:02+08:00"
}Create user
Create a new user
Request Body schema: application/jsonrequired
Create user entity
| username required | string Username of the user |
| displayName required | string Display name of the user |
| email required | string Email address of the user |
| password required | string Password of the user |
| role required | integer <int32> Role of the user (1: User, 2: Admin, 3: Superadmin) |
Responses
Request samples
- Payload
Content type
application/json
{- "username": "hello",
- "displayName": "Hello Admin",
- "email": "k8qscp.k65@yahoo.com.cn",
- "password": 1234567890,
- "role": 2
}Response samples
- 200
- 401
- 403
- 422
- 444
Content type
application/json
{- "code": "200",
- "msg": "Success",
- "data": {
- "username": "john.doe",
- "displayName": "John Doe",
- "email": "john.doe@example.com",
- "role": 2,
- "isPasswordInitialized": true
}, - "timestamp": "2025-03-19T01:38:31+08:00"
}Update users role
Batch update user roles
Request Body schema: application/jsonrequired
List of update user role entities
Array
| username required | string Username of the user whose role information needs to be updated |
| role required | integer <int32> Role of the user (1: User, 2: Admin, 3: Superadmin) |
Responses
Request samples
- Payload
Content type
application/json
[- {
- "username": "john.doe",
- "role": 2
}
]Response samples
- 200
- 401
- 403
- 404
- 422
- 444
Content type
application/json
{- "code": 200,
- "msg": "Success",
- "data": null,
- "timestamp": "2025-04-04T16:16:02+08:00"
}Update user information
Update user information
path Parameters
| username required | string Example: user Username of the user to be updated |
Request Body schema: application/jsonrequired
Update user entity
| displayName required | string Display name of the user |
| email required | string Email of the user |
| oldPassword required | string Old password of the user |
| newPassword required | string New password of the user |
Responses
Request samples
- Payload
Content type
application/json
{- "displayName": "John Doe",
- "email": "john.doe@example.com",
- "oldPassword": "oldPass123",
- "newPassword": "newPass456"
}Response samples
- 200
- 401
- 403
- 404
- 444
Content type
application/json
{- "code": 200,
- "msg": "Success",
- "data": null,
- "timestamp": "2025-04-04T16:16:02+08:00"
}Update user role
Update user role
Request Body schema: application/jsonrequired
Update user role entity
| username required | string Username of the user whose role information needs to be updated |
| role required | integer <int32> Role of the user (1: User, 2: Admin, 3: Superadmin) |
Responses
Request samples
- Payload
Content type
application/json
{- "username": "john.doe",
- "role": 2
}Response samples
- 200
- 401
- 403
- 404
- 422
- 444
Content type
application/json
{- "code": 200,
- "msg": "Success",
- "data": null,
- "timestamp": "2025-04-04T16:16:02+08:00"
}Get login records
Get all user's login records
query Parameters
| keyword | string Example: keyword=gregPerlinLi Search keywords (username) |
| status | integer <int32> Default: -1 Example: status=-1 Status of the login record (-1: all, 0: offline, 1: online) |
| page | integer <int32> Default: 1 Example: page=1 Page number |
| limit | integer <int32> Default: 10 Example: limit=10 Number of records per page |
| orderBy | string Example: orderBy=username Order by field |
| isAsc | boolean Default: true Example: isAsc=true Ascending or descending |
Responses
Response samples
- 200
- 204
- 401
- 403
Content type
application/json
{- "code": "200",
- "msg": "Success",
- "data": {
- "total": "100",
- "list": [
- {
- "uuid": 1234567890,
- "username": "gregPerlinLi",
- "ipAddress": "10.18.0.1",
- "region": "China",
- "province": "Guangdong",
- "city": "Canton",
- "browser": "Chrome",
- "os": "Windows 10",
- "platform": "Windows",
- "loginTime": "2025-04-05T20:34:00+08:00",
- "isOnline": true,
- "isCurrentSession": false
}
]
}, - "timestamp": "2025-03-19T01:38:31+08:00"
}Get user's login records
Get a user's login records
path Parameters
| username required | string Example: gregPerlinLi Username |
query Parameters
| status | integer <int32> Default: -1 Example: status=-1 Status of the login record (-1: all, 0: offline, 1: online) |
| page | integer <int32> Default: 1 Example: page=1 Page number |
| limit | integer <int32> Default: 10 Example: limit=10 Number of records per page |
| orderBy | string Example: orderBy=username Order by field |
| isAsc | boolean Default: true Example: isAsc=true Ascending or descending |
Responses
Response samples
- 200
- 204
- 401
- 403
Content type
application/json
{- "code": "200",
- "msg": "Success",
- "data": {
- "total": "100",
- "list": [
- {
- "uuid": 1234567890,
- "username": "gregPerlinLi",
- "ipAddress": "10.18.0.1",
- "region": "China",
- "province": "Guangdong",
- "city": "Canton",
- "browser": "Chrome",
- "os": "Windows 10",
- "platform": "Windows",
- "loginTime": "2025-04-05T20:34:00+08:00",
- "isOnline": true,
- "isCurrentSession": false
}
]
}, - "timestamp": "2025-03-19T01:38:31+08:00"
}Renew CA Certificate
Renew the specified CA certificate
path Parameters
| uuid required | string Example: bf35ecb1-9b67-4083-9476-e264ba153188 CA UUID |
Request Body schema: application/jsonrequired
New expiry
any (JsonNode)
Responses
Request samples
- Payload
Content type
application/json
{- "expiry": 3650
}Response samples
- 200
- 401
- 403
- 404
- 444
Content type
application/json
{- "code": 200,
- "msg": "Success",
- "data": {
- "uuid": "bf35ecb1-9b67-4083-9476-e264ba153188",
- "algorithm": "RSA",
- "keySize": 2048,
- "privkey": null,
- "cert": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUV2QUl...",
- "parentCa": "3885be11-4084-4538-9fa0-70ffe4c4cbe0",
- "allowSubCa": true,
- "notBefore": "2025-03-23T12:49:45.733",
- "notAfter": "2025-09-19T12:49:45.733",
- "comment": "Cert Vault Default Intermediate Certificate Authority"
}, - "timestamp": "2025-03-19T01:38:31+08:00"
}Get all CA information
Retrieve all CA information under this username (paged)
query Parameters
| keyword | string Example: keyword=3885be11-4084-4538-9fa0-70ffe4c4cbe0 Search keywords (Can be UUID, comments) |
| page | integer <int32> Default: 1 Example: page=1 Page number |
| limit | integer <int32> Default: 10 Example: limit=10 Page limit |
| orderBy | string Example: orderBy=username Order by field |
| isAsc | boolean Default: true Example: isAsc=true Ascending or descending |
Responses
Response samples
- 200
- 204
- 401
- 403
Content type
application/json
{- "code": "200",
- "msg": "Success",
- "data": {
- "total": "100",
- "list": [
- {
- "uuid": "3885be11-4084-4538-9fa0-70ffe4c4cbe0",
- "algorithm": "RSA",
- "keySize": 2048,
- "owner": "gregPerlinLi",
- "parentCa": "3885be11-4084-4538-9fa0-70ffe4c4cbe0",
- "allowSubCa": true,
- "comment": "Cert Vault Default Intermediate Certificate Authority",
- "available": true,
- "notBefore": "2025-03-23T10:14:45+08:00",
- "notAfter": "2035-03-21T10:14:45+08:00",
- "createdAt": "2025-03-18T11:10:14+08:00",
- "modifiedAt": "2025-03-23T10:14:45+08:00"
}
]
}, - "timestamp": "2025-03-19T01:38:31+08:00"
}Request CA Certificate
Request a new CA certificate
Request Body schema: application/jsonrequired
Request certificate entity
| caUuid | string CA UUID |
| allowSubCa | boolean Whether to allow sub-CA |
| algorithm | string Algorithm (Can be RSA, EC, Ed25519) |
| keySize | integer <int32> Key Size |
| country required | string Country |
| province required | string Province |
| city required | string City |
| organization required | string Organization |
| organizationalUnit required | string Organizational Unit |
| commonName required | string Common Name |
| expiry required | integer <int32> Expiry (day) |
Array of objects (SubjectAltName) Subject Alternative Name | |
| comment | string Comment |
Responses
Request samples
- Payload
Content type
application/json
{- "caUuid": "3885be11-4084-4538-9fa0-70ffe4c4cbe0",
- "allowSubCa": true,
- "country": "China",
- "province": "Guangdong",
- "city": "Canton",
- "organization": "CertVault Develop Org",
- "organizationalUnit": "CertVault Dev",
- "commonName": "CertVault Intermediate CA",
- "expiry": 180,
- "comment": "Cert Vault Default Intermediate Certificate Authority"
}Response samples
- 200
- 401
- 403
- 404
- 444
Content type
application/json
{- "code": "200",
- "msg": "Success",
- "data": {
- "uuid": "bf35ecb1-9b67-4083-9476-e264ba153188",
- "algorithm": "RSA",
- "keySize": 2048,
- "privkey": "LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV2QUl...",
- "cert": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUV2QUl...",
- "parentCa": "3885be11-4084-4538-9fa0-70ffe4c4cbe0",
- "allowSubCa": true,
- "notBefore": "2025-03-23T12:49:45+08:00",
- "notAfter": "2025-09-19T12:49:45.733+08:00",
- "comment": "Cert Vault Default Intermediate Certificate Authority"
}, - "timestamp": "2025-03-19T01:38:31+08:00"
}Get CA Private Key
Obtain the CA private key allocated to the user (Need user password verify)
path Parameters
| uuid required | string Example: 3885be11-4084-4538-9fa0-70ffe4c4cbe0 CA UUID |
Request Body schema: application/jsonrequired
Confirm password
any (JsonNode)
Responses
Request samples
- Payload
Content type
application/json
{- "password": "123456"
}Response samples
- 200
- 401
- 403
- 404
- 444
Content type
application/json
{- "code": "200",
- "msg": "Success",
- "data": "string",
- "timestamp": "2025-03-19T01:38:31+08:00"
}Import CA Certificate
Import a CA certificate and private key allocated to the user
Request Body schema: application/jsonrequired
Import certificate entity
| privkey required | string Private key of the certificate |
| certificate required | string Certificate of the certificate |
| comment required | string Comment of the certificate |
Responses
Request samples
- Payload
Content type
application/json
{- "privkey": "LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUpRd0lCQURBTkJn...",
- "certificate": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUdFekNDQ...",
- "comment": "Testing CA"
}Response samples
- 200
- 401
- 403
- 444
Content type
application/json
{- "code": 200,
- "msg": "Success",
- "data": {
- "uuid": "bf35ecb1-9b67-4083-9476-e264ba153188",
- "algorithm": "RSA",
- "keySize": 2048,
- "privkey": null,
- "cert": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUV2QUl...",
- "parentCa": "3885be11-4084-4538-9fa0-70ffe4c4cbe0",
- "allowSubCa": true,
- "notBefore": "2025-03-23T12:49:45.733",
- "notAfter": "2025-09-19T12:49:45.733",
- "comment": "Cert Vault Default Intermediate Certificate Authority"
}, - "timestamp": "2025-03-19T01:38:31+08:00"
}Unbind CA Certificate from Users
Batch unbind users from specified CA certificate
Request Body schema: application/jsonrequired
List of CA-User binding entities
Array
| caUuid required | string The UUID of the Certificate Authority (CA) |
| username required | string The username of the user associated with the CA binding |
Responses
Request samples
- Payload
Content type
application/json
[- {
- "caUuid": "2f2d63a8-b29c-4404-ae10-81f5ff023a69",
- "username": "john.doe"
}
]Response samples
- 200
- 401
- 403
- 404
- 422
- 444
Content type
application/json
{- "code": 200,
- "msg": "Success",
- "data": null,
- "timestamp": "2025-04-04T16:16:02+08:00"
}Bind CA Certificate to Users
Batch bind users to specified CA certificate
Request Body schema: application/jsonrequired
List of CA-User binding entities
Array
| caUuid required | string The UUID of the Certificate Authority (CA) |
| username required | string The username of the user associated with the CA binding |
Responses
Request samples
- Payload
Content type
application/json
[- {
- "caUuid": "2f2d63a8-b29c-4404-ae10-81f5ff023a69",
- "username": "john.doe"
}
]Response samples
- 200
- 401
- 403
- 404
- 422
- 444
Content type
application/json
{- "code": 200,
- "msg": "Success",
- "data": null,
- "timestamp": "2025-04-04T16:16:02+08:00"
}Unbind CA Certificate from User
Unbind a specified CA certificate from a user
Request Body schema: application/jsonrequired
CA-User binding entity
| caUuid required | string The UUID of the Certificate Authority (CA) |
| username required | string The username of the user associated with the CA binding |
Responses
Request samples
- Payload
Content type
application/json
{- "caUuid": "2f2d63a8-b29c-4404-ae10-81f5ff023a69",
- "username": "john.doe"
}Response samples
- 200
- 401
- 403
- 404
- 444
Content type
application/json
{- "code": 200,
- "msg": "Success",
- "data": null,
- "timestamp": "2025-04-04T16:16:02+08:00"
}Bind CA Certificate to User
Bind a specified CA for user to sign SSL certificates
Request Body schema: application/jsonrequired
CA-User binding entity
| caUuid required | string The UUID of the Certificate Authority (CA) |
| username required | string The username of the user associated with the CA binding |
Responses
Request samples
- Payload
Content type
application/json
{- "caUuid": "2f2d63a8-b29c-4404-ae10-81f5ff023a69",
- "username": "john.doe"
}Response samples
- 200
- 401
- 403
- 404
- 444
Content type
application/json
{- "code": 200,
- "msg": "Success",
- "data": null,
- "timestamp": "2025-04-04T16:16:02+08:00"
}Update CA Comment
Update the comment of the CA allocated to the user
path Parameters
| uuid required | string Example: 3885be11-4084-4538-9fa0-70ffe4c4cbe0 CA UUID |
Request Body schema: application/jsonrequired
Update comment
any (JsonNode)
Responses
Request samples
- Payload
Content type
application/json
{- "comment": "This is a comment"
}Response samples
- 200
- 401
- 403
- 404
- 444
Content type
application/json
{- "code": 200,
- "msg": "Success",
- "data": null,
- "timestamp": "2025-04-04T16:16:02+08:00"
}Modify CA Availability
Modify the availability of the CA allocated to the user
path Parameters
| uuid required | string Example: 3885be11-4084-4538-9fa0-70ffe4c4cbe0 CA UUID |
Responses
Response samples
- 200
- 401
- 403
- 404
Content type
application/json
{- "code": "200",
- "msg": "Success",
- "data": true,
- "timestamp": "2025-03-19T01:38:31+08:00"
}Get users
Retrieve all users (paged)
query Parameters
| keyword | string Example: keyword=user Search keywords (Can be username, display name, and email) |
| page | integer <int32> Default: 1 Example: page=1 Page number |
| limit | integer <int32> Default: 10 Example: limit=10 Page limit |
| orderBy | string Example: orderBy=username Order by field |
| isAsc | boolean Default: true Example: isAsc=true Ascending or descending |
Responses
Response samples
- 200
- 204
- 401
- 403
Content type
application/json
{- "code": "200",
- "msg": "Success",
- "data": {
- "total": "100",
- "list": [
- {
- "username": "john.doe",
- "displayName": "John Doe",
- "email": "john.doe@example.com",
- "role": 2,
- "isPasswordInitialized": true
}
]
}, - "timestamp": "2025-03-19T01:38:31+08:00"
}Count all users
Calculate the total number of users
query Parameters
| role | integer <int32> Default: 0 Role of the user (0: all user, 1: user, 2: admin, 3: superadmin) |
Responses
Response samples
- 200
- 401
- 403
Content type
application/json
{- "code": "200",
- "msg": "Success",
- "data": 0,
- "timestamp": "2025-03-19T01:38:31+08:00"
}Count Signed CA Certificates
Count the number of SSL/CA certificates signed by a CA certificate
path Parameters
| uuid required | string Example: 3885be11-4084-4538-9fa0-70ffe4c4cbe0 CA UUID |
query Parameters
| caOrSsl | boolean Default: false Flag of CA or SSL (true if count ca certificates, false if count ssl certificates) |
Responses
Response samples
- 200
- 401
- 403
Content type
application/json
{- "code": "200",
- "msg": "Success",
- "data": 0,
- "timestamp": "2025-03-19T01:38:31+08:00"
}Get CA Certificate Deprecated
Obtain the CA certificate allocated to the user
path Parameters
| uuid required | string Example: 3885be11-4084-4538-9fa0-70ffe4c4cbe0 CA UUID |
query Parameters
| isChain | boolean Default: false Example: isChain=true Whether to get the certificate chain |
| needRootCa | boolean Default: true Example: needRootCa=true Whether to get the root CA certificate in the chain |
Responses
Response samples
- 200
- 401
- 403
- 404
Content type
application/json
{- "code": "200",
- "msg": "Success",
- "data": "string",
- "timestamp": "2025-03-19T01:38:31+08:00"
}Get all user information bound to a ca
Retrieve all user information bound to a ca (paged)
path Parameters
| uuid required | string Example: 3885be11-4084-4538-9fa0-70ffe4c4cbe0 CA UUID |
query Parameters
| keyword | string Example: keyword=user Search keywords (Can be username, display name, and email) |
| page | integer <int32> Default: 1 Example: page=1 Page number |
| limit | integer <int32> Default: 10 Example: limit=10 Page limit |
| orderBy | string Example: orderBy=username Order by field |
| isAsc | boolean Default: true Example: isAsc=true Ascending or descending |
Responses
Response samples
- 200
- 204
- 401
- 403
Content type
application/json
{- "code": "200",
- "msg": "Success",
- "data": {
- "total": "100",
- "list": [
- {
- "username": "john.doe",
- "displayName": "John Doe",
- "email": "john.doe@example.com",
- "role": 2,
- "isPasswordInitialized": true
}
]
}, - "timestamp": "2025-03-19T01:38:31+08:00"
}Get all user information not bound to a ca
Retrieve all user information not bound to a ca (paged)
path Parameters
| uuid required | string Example: 3885be11-4084-4538-9fa0-70ffe4c4cbe0 CA UUID |
query Parameters
| keyword | string Example: keyword=user Search keywords (Can be username, display name, and email) |
| page | integer <int32> Default: 1 Example: page=1 Page number |
| limit | integer <int32> Default: 10 Example: limit=10 Page limit |
| orderBy | string Example: orderBy=username Order by field |
| isAsc | boolean Default: true Example: isAsc=true Ascending or descending |
Responses
Response samples
- 200
- 204
- 401
- 403
Content type
application/json
{- "code": "200",
- "msg": "Success",
- "data": {
- "total": "100",
- "list": [
- {
- "username": "john.doe",
- "displayName": "John Doe",
- "email": "john.doe@example.com",
- "role": 2,
- "isPasswordInitialized": true
}
]
}, - "timestamp": "2025-03-19T01:38:31+08:00"
}Count Requested CA Certificates
Count the number of user requested CA certificates
query Parameters
| condition | string Default: "none" Example: condition=none Condition of the CA certificate |
Responses
Response samples
- 200
- 401
- 403
Content type
application/json
{- "code": "200",
- "msg": "Success",
- "data": 0,
- "timestamp": "2025-03-19T01:38:31+08:00"
}