pub async fn get_cacerts(
_auth: OptionalAuth,
label: LabelExtractor,
__arg2: State<Arc<AppState>>,
) -> Result<Response, KipukaError>Expand description
GET /.well-known/est/cacerts
Returns PKCS#7 certs-only with all CA certificates in the chain.
§Response
| Header | Value |
|---|---|
| Status | 200 OK |
| Content-Type | application/pkcs7-mime; smime-type=certs-only |
| Content-Transfer-Encoding | base64 |
The body is the base64-encoded DER representation of a PKCS#7
SignedData structure with no signerInfos and a single
certificates field containing the CA certificate chain.
§Authentication
No authentication required per RFC 7030 §4.1.
§Errors
404 Not Found— unknown EST label500 Internal Server Error— CA certificate not available