Additional API endpoint for getting certificates

[willfurnell]

Hello,

I've recently done some development work on the CertWizard API (known to us as CA-Server) to fix a bug we've been having with getting back certificates. The original endpoint accepted a GET request to

https://cwiz-live.ca.ngs.ac.uk/resources/resource/publickey/<base64-encoded-public-key> which then lets you get information associated with a certificate. We noticed an issue where if the base64 encoding had more than once consecutive / then things could break.

So you can instead sent a POST request to https://cwiz-live.ca.ngs.ac.uk/resources/resource/publickey/pk with the following content. The return content has not changed. The GET method also still exists for backwards compatibility, so you might not need to do anything if you haven't noticed any issues.

<PublicKey>
base64-encoded-public-key
</PublicKey>

[sfayer]

Thanks for the info... We've not seen this issue but it's possible that's just luck. I'm presuming it's caused by something tidying up the multiple / characters into a single one; is it the CA-Server instance that does this, or the client side? I've just double checked and the client library we use does correctly send URLs with multiple / in a row to the server without changing them.

[willfurnell]

Yes I'm pretty sure it's just been the client doing it when making HTTP requests, exactly as you say tidying up multiple / so hopefully you should be OK if you haven't had any issues so far.

[sfayer]

I had a look through some of our existing certificates and we have some with two / in the pubkey that have been processed successfully, so I think everything is fine. Thanks again for letting me know.

[sfayer]

We've suddenly started seeing this issue now, so the // problem must be on the server side (nothing client side has changed)... I'll look at writing a patch to use the new API.

[sfayer]

This should now be fixed in version 1.0.9.