Function post_fullcmc

Source

pub async fn post_fullcmc(
    auth: EstAuth,
    label: LabelExtractor,
    __arg2: State<Arc<AppState>>,
    body: Bytes,
) -> Result<Response, KipukaError>

Expand description

POST /.well-known/est/fullcmc

Accepts a CMC request (PKCS#7 SignedData) and returns a CMC response.

§Authentication

Requires mTLS with a certificate carrying the id-kp-cmcRA EKU (OID 1.3.6.1.5.5.7.3.28, RHELBU-3536 R15).

§Request

Header	Value
Content-Type	`application/pkcs7-mime; smime-type=CMC-request`
Body	Base64-encoded DER PKCS#7 SignedData (CMC PKIData)

§Response

Header	Value
Status	`200 OK`
Content-Type	`application/pkcs7-mime; smime-type=CMC-response`

§Errors

400 Bad Request — malformed CMC request
401 Unauthorized — authentication failed
403 Forbidden — signer lacks id-kp-cmcRA EKU
500 Internal Server Error — CA backend error

post_fullcmc

Function post_fullcmc Copy item path

§Authentication

§Request

§Response

§Errors

Function post_fullcmc