Chilkat Online Tools

CreateCertificateAuthority phpExt Example

AWS Private CA

<?php

// The version number (9_5_0) should match version of the Chilkat extension used, omitting the micro-version number.
// For example, if using Chilkat v9.5.0.48, then include as shown here:
include("chilkat_9_5_0.php");

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

$rest = new CkRest();

$authAws = new CkAuthAws();
$authAws->put_AccessKey('AWS_ACCESS_KEY');
$authAws->put_SecretKey('AWS_SECRET_KEY');

// Don't forget to change the region to your particular region. (Also make the same change in the call to Connect below.)
$authAws->put_Region('us-west-2');
$authAws->put_ServiceName('acm-pca');
// SetAuthAws causes Chilkat to automatically add the following headers: Authorization, X-Amz-Date
$rest->SetAuthAws($authAws);

// URL: https://acm-pca.us-west-2.amazonaws.com/
// Use the same region as specified above.
$success = $rest->Connect('acm-pca.us-west-2.amazonaws.com',443,true,true);
if ($success != true) {
    print 'ConnectFailReason: ' . $rest->get_ConnectFailReason() . "\n";
    print $rest->lastErrorText() . "\n";
    exit;
}

// The following code creates the JSON request body.
// The JSON created by this code is shown below.

// Use this online tool to generate code from sample JSON:
// Generate Code to Create JSON

$json = new CkJsonObject();
$json->UpdateInt('CertificateAuthorityConfiguration.CsrExtensions.KeyUsage.CRLSign',123);
$json->UpdateInt('CertificateAuthorityConfiguration.CsrExtensions.KeyUsage.DataEncipherment',123);
$json->UpdateInt('CertificateAuthorityConfiguration.CsrExtensions.KeyUsage.DecipherOnly',123);
$json->UpdateInt('CertificateAuthorityConfiguration.CsrExtensions.KeyUsage.DigitalSignature',123);
$json->UpdateInt('CertificateAuthorityConfiguration.CsrExtensions.KeyUsage.EncipherOnly',123);
$json->UpdateInt('CertificateAuthorityConfiguration.CsrExtensions.KeyUsage.KeyAgreement',123);
$json->UpdateInt('CertificateAuthorityConfiguration.CsrExtensions.KeyUsage.KeyCertSign',123);
$json->UpdateInt('CertificateAuthorityConfiguration.CsrExtensions.KeyUsage.KeyEncipherment',123);
$json->UpdateInt('CertificateAuthorityConfiguration.CsrExtensions.KeyUsage.NonRepudiation',123);
$json->UpdateString('CertificateAuthorityConfiguration.CsrExtensions.SubjectInformationAccess[0].AccessLocation.DirectoryName.CommonName','string');
$json->UpdateString('CertificateAuthorityConfiguration.CsrExtensions.SubjectInformationAccess[0].AccessLocation.DirectoryName.Country','string');
$json->UpdateString('CertificateAuthorityConfiguration.CsrExtensions.SubjectInformationAccess[0].AccessLocation.DirectoryName.DistinguishedNameQualifier','string');
$json->UpdateString('CertificateAuthorityConfiguration.CsrExtensions.SubjectInformationAccess[0].AccessLocation.DirectoryName.GenerationQualifier','string');
$json->UpdateString('CertificateAuthorityConfiguration.CsrExtensions.SubjectInformationAccess[0].AccessLocation.DirectoryName.GivenName','string');
$json->UpdateString('CertificateAuthorityConfiguration.CsrExtensions.SubjectInformationAccess[0].AccessLocation.DirectoryName.Initials','string');
$json->UpdateString('CertificateAuthorityConfiguration.CsrExtensions.SubjectInformationAccess[0].AccessLocation.DirectoryName.Locality','string');
$json->UpdateString('CertificateAuthorityConfiguration.CsrExtensions.SubjectInformationAccess[0].AccessLocation.DirectoryName.Organization','string');
$json->UpdateString('CertificateAuthorityConfiguration.CsrExtensions.SubjectInformationAccess[0].AccessLocation.DirectoryName.OrganizationalUnit','string');
$json->UpdateString('CertificateAuthorityConfiguration.CsrExtensions.SubjectInformationAccess[0].AccessLocation.DirectoryName.Pseudonym','string');
$json->UpdateString('CertificateAuthorityConfiguration.CsrExtensions.SubjectInformationAccess[0].AccessLocation.DirectoryName.SerialNumber','string');
$json->UpdateString('CertificateAuthorityConfiguration.CsrExtensions.SubjectInformationAccess[0].AccessLocation.DirectoryName.State','string');
$json->UpdateString('CertificateAuthorityConfiguration.CsrExtensions.SubjectInformationAccess[0].AccessLocation.DirectoryName.Surname','string');
$json->UpdateString('CertificateAuthorityConfiguration.CsrExtensions.SubjectInformationAccess[0].AccessLocation.DirectoryName.Title','string');
$json->UpdateString('CertificateAuthorityConfiguration.CsrExtensions.SubjectInformationAccess[0].AccessLocation.DnsName','string');
$json->UpdateString('CertificateAuthorityConfiguration.CsrExtensions.SubjectInformationAccess[0].AccessLocation.EdiPartyName.NameAssigner','string');
$json->UpdateString('CertificateAuthorityConfiguration.CsrExtensions.SubjectInformationAccess[0].AccessLocation.EdiPartyName.PartyName','string');
$json->UpdateString('CertificateAuthorityConfiguration.CsrExtensions.SubjectInformationAccess[0].AccessLocation.IpAddress','string');
$json->UpdateString('CertificateAuthorityConfiguration.CsrExtensions.SubjectInformationAccess[0].AccessLocation.OtherName.TypeId','string');
$json->UpdateString('CertificateAuthorityConfiguration.CsrExtensions.SubjectInformationAccess[0].AccessLocation.OtherName.Value','string');
$json->UpdateString('CertificateAuthorityConfiguration.CsrExtensions.SubjectInformationAccess[0].AccessLocation.RegisteredId','string');
$json->UpdateString('CertificateAuthorityConfiguration.CsrExtensions.SubjectInformationAccess[0].AccessLocation.Rfc822Name','string');
$json->UpdateString('CertificateAuthorityConfiguration.CsrExtensions.SubjectInformationAccess[0].AccessLocation.UniformResourceIdentifier','string');
$json->UpdateString('CertificateAuthorityConfiguration.CsrExtensions.SubjectInformationAccess[0].AccessMethod.AccessMethodType','string');
$json->UpdateString('CertificateAuthorityConfiguration.CsrExtensions.SubjectInformationAccess[0].AccessMethod.CustomObjectIdentifier','string');
$json->UpdateString('CertificateAuthorityConfiguration.KeyAlgorithm','string');
$json->UpdateString('CertificateAuthorityConfiguration.SigningAlgorithm','string');
$json->UpdateString('CertificateAuthorityConfiguration.Subject.CommonName','string');
$json->UpdateString('CertificateAuthorityConfiguration.Subject.Country','string');
$json->UpdateString('CertificateAuthorityConfiguration.Subject.DistinguishedNameQualifier','string');
$json->UpdateString('CertificateAuthorityConfiguration.Subject.GenerationQualifier','string');
$json->UpdateString('CertificateAuthorityConfiguration.Subject.GivenName','string');
$json->UpdateString('CertificateAuthorityConfiguration.Subject.Initials','string');
$json->UpdateString('CertificateAuthorityConfiguration.Subject.Locality','string');
$json->UpdateString('CertificateAuthorityConfiguration.Subject.Organization','string');
$json->UpdateString('CertificateAuthorityConfiguration.Subject.OrganizationalUnit','string');
$json->UpdateString('CertificateAuthorityConfiguration.Subject.Pseudonym','string');
$json->UpdateString('CertificateAuthorityConfiguration.Subject.SerialNumber','string');
$json->UpdateString('CertificateAuthorityConfiguration.Subject.State','string');
$json->UpdateString('CertificateAuthorityConfiguration.Subject.Surname','string');
$json->UpdateString('CertificateAuthorityConfiguration.Subject.Title','string');
$json->UpdateString('CertificateAuthorityType','string');
$json->UpdateString('IdempotencyToken','string');
$json->UpdateString('KeyStorageSecurityStandard','string');
$json->UpdateString('RevocationConfiguration.CrlConfiguration.CustomCname','string');
$json->UpdateInt('RevocationConfiguration.CrlConfiguration.Enabled',123);
$json->UpdateInt('RevocationConfiguration.CrlConfiguration.ExpirationInDays',123);
$json->UpdateString('RevocationConfiguration.CrlConfiguration.S3BucketName','string');
$json->UpdateString('RevocationConfiguration.CrlConfiguration.S3ObjectAcl','string');
$json->UpdateInt('RevocationConfiguration.OcspConfiguration.Enabled',123);
$json->UpdateString('RevocationConfiguration.OcspConfiguration.OcspCustomCname','string');
$json->UpdateString('Tags[0].Key','string');
$json->UpdateString('Tags[0].Value','string');

// The JSON request body created by the above code:

// {
//   "CertificateAuthorityConfiguration": {
//     "CsrExtensions": {
//       "KeyUsage": {
//         "CRLSign": boolean,
//         "DataEncipherment": boolean,
//         "DecipherOnly": boolean,
//         "DigitalSignature": boolean,
//         "EncipherOnly": boolean,
//         "KeyAgreement": boolean,
//         "KeyCertSign": boolean,
//         "KeyEncipherment": boolean,
//         "NonRepudiation": boolean
//       },
//       "SubjectInformationAccess": [
//         {
//           "AccessLocation": {
//             "DirectoryName": {
//               "CommonName": "string",
//               "Country": "string",
//               "DistinguishedNameQualifier": "string",
//               "GenerationQualifier": "string",
//               "GivenName": "string",
//               "Initials": "string",
//               "Locality": "string",
//               "Organization": "string",
//               "OrganizationalUnit": "string",
//               "Pseudonym": "string",
//               "SerialNumber": "string",
//               "State": "string",
//               "Surname": "string",
//               "Title": "string"
//             },
//             "DnsName": "string",
//             "EdiPartyName": {
//               "NameAssigner": "string",
//               "PartyName": "string"
//             },
//             "IpAddress": "string",
//             "OtherName": {
//               "TypeId": "string",
//               "Value": "string"
//             },
//             "RegisteredId": "string",
//             "Rfc822Name": "string",
//             "UniformResourceIdentifier": "string"
//           },
//           "AccessMethod": {
//             "AccessMethodType": "string",
//             "CustomObjectIdentifier": "string"
//           }
//         }
//       ]
//     },
//     "KeyAlgorithm": "string",
//     "SigningAlgorithm": "string",
//     "Subject": {
//       "CommonName": "string",
//       "Country": "string",
//       "DistinguishedNameQualifier": "string",
//       "GenerationQualifier": "string",
//       "GivenName": "string",
//       "Initials": "string",
//       "Locality": "string",
//       "Organization": "string",
//       "OrganizationalUnit": "string",
//       "Pseudonym": "string",
//       "SerialNumber": "string",
//       "State": "string",
//       "Surname": "string",
//       "Title": "string"
//     }
//   },
//   "CertificateAuthorityType": "string",
//   "IdempotencyToken": "string",
//   "KeyStorageSecurityStandard": "string",
//   "RevocationConfiguration": {
//     "CrlConfiguration": {
//       "CustomCname": "string",
//       "Enabled": boolean,
//       "ExpirationInDays": number,
//       "S3BucketName": "string",
//       "S3ObjectAcl": "string"
//     },
//     "OcspConfiguration": {
//       "Enabled": boolean,
//       "OcspCustomCname": "string"
//     }
//   },
//   "Tags": [
//     {
//       "Key": "string",
//       "Value": "string"
//     }
//   ]
// }

$rest->AddHeader('Content-Type','application/x-amz-json-1.1');
$rest->AddHeader('X-Amz-Target','ACMPrivateCA.CreateCertificateAuthority');

$sbRequestBody = new CkStringBuilder();
$json->EmitSb($sbRequestBody);
$sbResponseBody = new CkStringBuilder();
$success = $rest->FullRequestSb('POST','/',$sbRequestBody,$sbResponseBody);
if ($success != true) {
    print $rest->lastErrorText() . "\n";
    exit;
}

$respStatusCode = $rest->get_ResponseStatusCode();
print 'response status code = ' . $respStatusCode . "\n";
if ($respStatusCode != 200) {
    print 'Response Header:' . "\n";
    print $rest->responseHeader() . "\n";
    print 'Response Body:' . "\n";
    print $sbResponseBody->getAsString() . "\n";
    exit;
}

$jResp = new CkJsonObject();
$jResp->LoadSb($sbResponseBody);

// The following code parses the JSON response.
// A sample JSON response is shown below the sample code.

// Use this online tool to generate parsing code from sample JSON:
// Generate Parsing Code from JSON

$CertificateAuthorityArn = $jResp->stringOf('CertificateAuthorityArn');

// A sample JSON response body parsed by the above code:

// {
//   "CertificateAuthorityArn": "string"
// }

?>