Issue Certificate

cURL

curl --request POST \
  --url https://us.infisical.com/api/v3/pki/certificates/issue-certificate \
  --header 'Content-Type: application/json' \
  --data '{
  "profileId": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
  "commonName": "<string>",
  "ttl": "<string>",
  "keyUsages": [
    "digital_signature"
  ],
  "extendedKeyUsages": [
    "client_auth"
  ],
  "notBefore": "<string>",
  "notAfter": "<string>",
  "altNames": [
    {
      "type": "dns_name",
      "value": "<string>"
    }
  ],
  "signatureAlgorithm": "RSA-SHA256",
  "keyAlgorithm": "RSA_2048",
  "removeRootsFromChain": true
}'

{
  "certificate": "<string>",
  "issuingCaCertificate": "<string>",
  "certificateChain": "<string>",
  "privateKey": "<string>",
  "serialNumber": "<string>",
  "certificateId": "<string>"
}

POST

api

pki

certificates

issue-certificate

cURL

curl --request POST \
  --url https://us.infisical.com/api/v3/pki/certificates/issue-certificate \
  --header 'Content-Type: application/json' \
  --data '{
  "profileId": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
  "commonName": "<string>",
  "ttl": "<string>",
  "keyUsages": [
    "digital_signature"
  ],
  "extendedKeyUsages": [
    "client_auth"
  ],
  "notBefore": "<string>",
  "notAfter": "<string>",
  "altNames": [
    {
      "type": "dns_name",
      "value": "<string>"
    }
  ],
  "signatureAlgorithm": "RSA-SHA256",
  "keyAlgorithm": "RSA_2048",
  "removeRootsFromChain": true
}'

{
  "certificate": "<string>",
  "issuingCaCertificate": "<string>",
  "certificateChain": "<string>",
  "privateKey": "<string>",
  "serialNumber": "<string>",
  "certificateId": "<string>"
}

Body

application/json

profileId

string<uuid>

required

ttl

string

required

Minimum length: 1

signatureAlgorithm

enum<string>

required

Available options:

RSA-SHA256,

RSA-SHA384,

RSA-SHA512,

ECDSA-SHA256,

ECDSA-SHA384,

ECDSA-SHA512

keyAlgorithm

enum<string>

required

Available options:

RSA_2048,

RSA_3072,

RSA_4096,

EC_prime256v1,

EC_secp384r1,

EC_secp521r1

commonName

string

Required string length: 1 - 100

keyUsages

enum<string>[]

Show child attributes

extendedKeyUsages

enum<string>[]

Show child attributes

notBefore

string

notAfter

string

altNames

object[]

Show child attributes

removeRootsFromChain

default:false

Response

Default Response

certificate

string

required

issuingCaCertificate

string

required

certificateChain

string

required

serialNumber

string

required

certificateId

string

required

privateKey

string

Retrieve Sign Certificate

Overview

Organization

Project

Shared

Identity Auth

Secrets Management

Infisical PKI

Secret Scanning

Infisical SSH

Infisical KMS

Other

Body

Response