5.4.3.6 User certificate registration in Public Key Upload Mode
For DApps in Public Key Upload mode, after the participant registered the sub-users on the PCN by using “User Registration API” (section 5.4.3.4), he/she can use this interface to upload public key registration applications and receive the certificates (DApp access key pair certificates) for the sub-users. Invoking this interface from Key Trust Mode DApp will return an error message.
1. Interface address: https://PCNGatewayAddress/api/fabric/v1/user/enroll
2. Call Method: POST
3. Signature algorithm: required and refer to Section 5.4.3.1
4. Call parameters
| No. | Field name | Field | Type | Required | Remarks |
|---|---|---|---|---|---|
| 1 | Header | header | Map | Y | |
| 2 | Body | body | Map | N | |
| 3 | Signature Value | mac | String | Y | |
| Header | |||||
| 1 | user unique ID | userCode | String | Y | |
| 2 | DApp unique ID | appCode | String | Y | |
| Body | |||||
| 1 | user name | name | String | Y | user name used at registration |
| 2 | user password | secret | String | Y | Password created at registration |
| 3 | Certificate Application file content | csrPem | string | Y | Use the ECDSA (secp256r1) algorithm to generate the certificate application file; the certificate CN is name@appCode |
Example:
{"header":{"userCode":"USER0001202004151958010871292","appCode":"app0001202004161020152918451","tId":""},"mac":"MEQCICQaYMzs+edIQkfpt5hoaSO5dWqcrY7Q75FYwyJo/B4rAiAQ10aEpdNATsZYHVcJJ4TxVCgY8XdQBBIyTAOqUmSjkw==","body":{"name":"user01","secret":"123456","csrPem":"-----BEGIN CERTIFICATE REQUEST-----\nMIHoMIGQAgEAMC4xLDAqBgNVBAMMI3VzZXIwMUBhcHAwMDAxMjAyMDA0MTYxMDIw\nMTUyOTE4NDUxMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEnguk1xunmuU1bnKB\nam8QmeK6Geg/O6kL2D2ig85UMQTpG/sb9iYkduz8iC9SRnF9TvLiHuvJX2FGAOAQ\nK1Vz8aAAMAoGCCqGSM49BAMCA0cAMEQCIE19Iin91KlfEvfFIbxhF14enFHhtvOU\n5rK86huFiMMQAiBYXO4fJBq6eLGjaavR71O9fOvVZ5W7X+GQjIlQDuDgPQ==\n-----END CERTIFICATE REQUEST-----\n"}}
5. Response parameters
| No. | Field name | Field | Type | Required | Remarks |
|---|---|---|---|---|---|
| 1 | Header | header | Map | Y | |
| 2 | Body | body | Map | Y | |
| 3 | Signature Value | mac | String | Y | |
| Header | |||||
| 1 | Response ID | code | int | Y | 0: successful -1: failed |
| 2 | Response Message | msg | String | Y | |
| Body | |||||
| 1 | Certificate content | cert | String | Y |
Example:
{
"header": {
"code": 0,
"msg": "Transaction Successful"
},
"mac": "MEUCIQCE0gg5VHWsZluNKAV2+xOJANGnCkw6f9J4+mFT1TWz/gIgfu93jqzTzk0DU2lfMKnExcwVbgelWMLvLmwKplCXNBA=",
"body": {
"cert": "-----BEGIN CERTIFICATE-----\nMIICvTCCAmSgAwIBAgIUcqn2HmCYmq/V2yKbnxuvc49KU00wCgYIKoZIzj0EAwIw\nTjELMAkGA1UEBhMCQ04xEDAOBgNVBAgTB0JlaWppbmcxDDAKBgNVBAoTA0JTTjEP\nMA0GA1UECxMGY2xpZW50MQ4wDAYDVQQDEwVic25jYTAgFw0yMDA0MjEwNTAzMDBa\nGA8yMTAwMDMyMTExMDQwMFowbDE8MA0GA1UECxMGY2xpZW50MA8GA1UECxMIb3Jn\nYm5vZGUwDgYDVQQLEwdic25iYXNlMAoGA1UECxMDY29tMSwwKgYDVQQDDCN1c2Vy\nMDFAYXBwMDAwMTIwMjAwNDE2MTAyMDE1MjkxODQ1MTBZMBMGByqGSM49AgEGCCqG\nSM49AwEHA0IABJ4LpNcbp5rlNW5ygWpvEJniuhnoPzupC9g9ooPOVDEE6Rv7G/Ym\nJHbs/IgvUkZxfU7y4h7ryV9hRgDgECtVc/Gjgf8wgfwwDgYDVR0PAQH/BAQDAgeA\nMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFG28toKRbzJTFa6v/xlIYr6S9EvaMB8G\nA1UdIwQYMBaAFAcI4H+kIs8vn94ZYYpkrd+5ldMKMIGbBggqAwQFBgcIAQSBjnsi\nYXR0cnMiOnsiaGYuQWZmaWxpYXRpb24iOiJvcmdibm9kZS5ic25iYXNlLmNvbSIs\nImhmLkVucm9sbG1lbnRJRCI6InVzZXIwMUBhcHAwMDAxMjAyMDA0MTYxMDIwMTUy\nOTE4NDUxIiwiaGYuVHlwZSI6ImNsaWVudCIsInJvbGUiOiJjbGllbnQifX0wCgYI\nKoZIzj0EAwIDRwAwRAIgLtlTps/DOHK8S3La7bnlChB+88b1Fko9bOAL36oAFPIC\nIHQPCC30MoTHIId/X3fC5IxNukssmlMnEuDX73zRL55/\n-----END CERTIFICATE-----\n"
}
}