Upload Certificate
Upload a new .p12 certificate for an Issuer.
Validates the certificate, extracts metadata, uploads the encrypted file to object storage, stores the password in Secret Manager, and creates a certificate record in the database.
All database operations use async/await for non-blocking I/O.
Args: issuer_id: UUID of the parent issuer file: .p12 certificate file password: Certificate password db: Async database session tenant_id: Active tenant ID from authentication context user_id: Current user ID for auditing
Returns: CertificateResponse: Created certificate data (without sensitive info)
Raises: HTTPException 404: If issuer not found or doesn’t belong to tenant HTTPException 422: If certificate is invalid or validation fails
Path Parameters
Cookies
Body
Response
Successful Response
Schema for Certificate response (without sensitive data).
Status values for digital certificates.
uploaded, active, expiring, expired, revoked, disabled