Get Certificate

curl --request GET \
  --url http://localhost:8000/issuers/{issuer_id}/certificates/{cert_id}

{
  "created_at": "2024-01-01T00:00:00Z",
  "id": "990e8400-e29b-41d4-a716-446655440000",
  "issuer_id": "550e8400-e29b-41d4-a716-446655440000",
  "serial_number": "1234567890ABCDEF",
  "status": "active",
  "subject_cn": "EMPRESA EJEMPLO S.A.",
  "tenant_id": "660e8400-e29b-41d4-a716-446655440000",
  "updated_at": "2024-01-01T00:00:00Z",
  "valid_from": "2024-01-01T00:00:00Z",
  "valid_until": "2026-01-01T00:00:00Z"
}

certificates

Get Certificate

Get a single Certificate by ID.

Validates that the issuer and certificate both belong to the active tenant. Audits the access. Returns certificate metadata without password, secret_manager_ref, key_hash, or binary data.

Args: issuer_id: UUID of the parent issuer cert_id: UUID of the certificate to retrieve db: Async database session tenant_id: Active tenant ID from authentication context user_id: Current user ID for auditing

Returns: CertificateResponse: Certificate metadata (no sensitive fields)

Raises: HTTPException 404: If issuer or certificate not found or doesn’t belong to tenant

GET

issuers

{issuer_id}

certificates

{cert_id}

Get Certificate

curl --request GET \
  --url http://localhost:8000/issuers/{issuer_id}/certificates/{cert_id}

{
  "created_at": "2024-01-01T00:00:00Z",
  "id": "990e8400-e29b-41d4-a716-446655440000",
  "issuer_id": "550e8400-e29b-41d4-a716-446655440000",
  "serial_number": "1234567890ABCDEF",
  "status": "active",
  "subject_cn": "EMPRESA EJEMPLO S.A.",
  "tenant_id": "660e8400-e29b-41d4-a716-446655440000",
  "updated_at": "2024-01-01T00:00:00Z",
  "valid_from": "2024-01-01T00:00:00Z",
  "valid_until": "2026-01-01T00:00:00Z"
}

Headers

authorization

string | null

x-api-key

string | null

x-tenant-id

string | null

Path Parameters

issuer_id

string<uuid>

required

cert_id

string<uuid>

required

Cookies

factio_access_token

string | null

Response

Successful Response

Schema for Certificate response (without sensitive data).

string<uuid>

required

tenant_id

string<uuid>

required

issuer_id

string<uuid>

required

subject_cn

string | null

required

serial_number

string | null

required

valid_from

string<date-time>

required

valid_until

string<date-time>

required

status

enum<string>

required

Status values for digital certificates.

Available options:

uploaded,

active,

expiring,

expired,

revoked,

disabled

created_at

string<date-time>

required

updated_at

string<date-time>

required

Upload Certificate Revoke Certificate