webui.crypto.csr_profiles¶

Return predefined CSR profiles for common certificate types.

Each profile provides recommended defaults for key type, key length or curve, lifetime, digest algorithm, and X.509 extensions (basic constraints, key usage, extended key usage).

Type: object

Type: array
No Additional Items

CSRProfilesModel

Type: object

Default:

{ "HTTPS RSA Certificate": { "cert_extensions": { "BasicConstraints": { "ca": false, "enabled": true, "extension_critical": true }, "ExtendedKeyUsage": { "enabled": true, "extension_critical": true, "usages": [ "SERVER_AUTH", "CLIENT_AUTH" ] }, "KeyUsage": { "digital_signature": true, "enabled": true, "extension_critical": true, "key_agreement": true, "key_encipherment": true } }, "digest_algorithm": "SHA256", "key_length": 2048, "key_type": "RSA", "lifetime": 397 }, "HTTPS ECC Certificate": { "cert_extensions": { "BasicConstraints": { "ca": false, "enabled": true, "extension_critical": true }, "ExtendedKeyUsage": { "enabled": true, "extension_critical": true, "usages": [ "SERVER_AUTH", "CLIENT_AUTH" ] }, "KeyUsage": { "digital_signature": true, "enabled": true, "extension_critical": true } }, "digest_algorithm": "SHA256", "ec_curve": "SECP384R1", "key_type": "EC", "lifetime": 397 } }

No Additional Properties

RSACSRExtensions

Type: object
No Additional Properties

RSACSRExtensionsModel

Type: object

Default:

{ "BasicConstraints": { "ca": false, "enabled": true, "extension_critical": true }, "ExtendedKeyUsage": { "enabled": true, "extension_critical": true, "usages": [ "SERVER_AUTH", "CLIENT_AUTH" ] }, "KeyUsage": { "digital_signature": true, "enabled": true, "extension_critical": true, "key_agreement": true, "key_encipherment": true } }

No Additional Properties

BasicConstraintsModel

Type: object

Default:

{ "enabled": true, "ca": false, "extension_critical": true }

No Additional Properties

Enabled

Type: boolean Default: true

Ca

Type: boolean Default: false

Extension Critical

Type: boolean Default: true

ExtendedKeyUsageModel

Type: object

Default:

{ "enabled": true, "extension_critical": true, "usages": [ "SERVER_AUTH", "CLIENT_AUTH" ] }

No Additional Properties

Enabled

Type: boolean Default: true

Extension Critical

Type: boolean Default: true

Usages

Type: array of string Default: ["SERVER_AUTH", "CLIENT_AUTH"]
No Additional Items

Each item of this array must be:

Type: string

RSAKeyUsageModel

Type: object

Default:

{ "enabled": true, "extension_critical": true, "digital_signature": true, "key_encipherment": true, "key_agreement": true }

No Additional Properties

Enabled

Type: boolean Default: true

Extension Critical

Type: boolean Default: true

Digital Signature

Type: boolean Default: true

Key Encipherment

Type: boolean Default: true

Key Agreement

Type: boolean Default: true

Key Length

Type: integer Default: 2048

Key Type

Type: string Default: "RSA"

Lifetime

Type: integer Default: 397

Digest Algorithm

Type: string Default: "SHA256"

ECCCSRExtensions

Type: object
No Additional Properties

ECCCSRExtensionsModel

Type: object

Default:

{ "BasicConstraints": { "ca": false, "enabled": true, "extension_critical": true }, "ExtendedKeyUsage": { "enabled": true, "extension_critical": true, "usages": [ "SERVER_AUTH", "CLIENT_AUTH" ] }, "KeyUsage": { "digital_signature": true, "enabled": true, "extension_critical": true } }

No Additional Properties

BasicConstraintsModel

Type: object

Default:

{ "enabled": true, "ca": false, "extension_critical": true }

No Additional Properties

Enabled

Type: boolean Default: true

Ca

Type: boolean Default: false

Extension Critical

Type: boolean Default: true

ExtendedKeyUsageModel

Type: object

Default:

{ "enabled": true, "extension_critical": true, "usages": [ "SERVER_AUTH", "CLIENT_AUTH" ] }

No Additional Properties

Enabled

Type: boolean Default: true

Extension Critical

Type: boolean Default: true

Usages

Type: array of string Default: ["SERVER_AUTH", "CLIENT_AUTH"]
No Additional Items

Each item of this array must be:

Type: string

ECCKeyUsageModel

Type: object

Default:

{ "enabled": true, "extension_critical": true, "digital_signature": true }

No Additional Properties

Enabled

Type: boolean Default: true

Extension Critical

Type: boolean Default: true

Digital Signature

Type: boolean Default: true

Ec Curve

Type: string Default: "SECP384R1"

Key Type

Type: string Default: "EC"

Lifetime

Type: integer Default: 397

Digest Algorithm

Type: string Default: "SHA256"

Required roles: CERTIFICATE_READ

Table Of Contents

Previous topic

Next topic

webui.crypto.csr_profiles¶

Call parameters

Return value

CSRProfilesModel

HTTPS RSA Certificate

RSACSRExtensions

cert_extensions

RSACSRExtensionsModel

BasicConstraints

BasicConstraintsModel

enabled

Enabled

ca

Ca

extension_critical

Extension Critical

ExtendedKeyUsage

ExtendedKeyUsageModel

enabled

Enabled

extension_critical

Extension Critical

usages

Usages

Each item of this array must be:

KeyUsage

RSAKeyUsageModel

enabled

Enabled

extension_critical

Extension Critical

digital_signature

Digital Signature

key_encipherment

Key Encipherment

key_agreement

Key Agreement

key_length

Key Length

key_type

Key Type

lifetime

Lifetime

digest_algorithm

Digest Algorithm

HTTPS ECC Certificate

ECCCSRExtensions

cert_extensions

ECCCSRExtensionsModel

BasicConstraints

BasicConstraintsModel

enabled

Enabled

ca

Ca

extension_critical

Extension Critical

ExtendedKeyUsage

ExtendedKeyUsageModel

enabled

Enabled

extension_critical

Extension Critical

usages

Usages

Each item of this array must be:

KeyUsage

ECCKeyUsageModel

enabled

Enabled

extension_critical

Extension Critical

digital_signature

Digital Signature

ec_curve

Ec Curve

key_type