description: > Implement to create Certificate Signing Request(CSR). methods: - name: GenerateCSR description: > This command is used to initiate a certificate signing request. This command only returns the D-Bus path name for the new CSR object. User need to listen on InterfacesAdded signal emitted by /xyz/openbmc_project/Certs to retrieve the CSR string after successful CSR creation. Note: Following Parameters are mandatory or optional based on the Redfish documentation. Caller is responsible for the input parameter validation. If the caller does not wish a field to be included in the CSR Request, initialize the Parameter with blank for strings and zero for integers. parameters: - name: AlternativeNames type: array[string] description: > Additional hostnames of the component that is being secured. - name: ChallengePassword type: string description: > The challenge password to be applied to the certificate for revocation requests. - name: City type: string description: > The city or locality of the organization making the request. For Example Austin This is a required parameter. - name: CommonName type: string description: > The fully qualified domain name of the component that is being secured. This is a required parameter. - name: ContactPerson type: string description: > The name of the user making the request. - name: Country type: string description: > The country of the organization making the request. This is a required parameter. - name: Email type: string description: > The email address of the contact within the organization making the request. - name: GivenName type: string description: > The given name of the user making the request. - name: Initials type: string description: > The initials of the user making the request. - name: KeyBitLength type: int64 description: > The length of the key in bits, if needed based on the value of the KeyPairAlgorithm parameter. Refer https://www.openssl.org/docs/man1.0.2/man1/genpkey.html - name: KeyCurveId type: string description: > The curve ID to be used with the key, if needed based on the value of the KeyPairAlgorithm parameter. Refer https://www.openssl.org/docs/man1.0.2/man1/genpkey.html - name: KeyPairAlgorithm type: string description: > The type of key pair for use with signing algorithms. Valid built-in algorithm names for private key generation are RSA and EC. - name: KeyUsage type: array[string] description: > Key usage extensions define the purpose of the public key contained in a certificate. Valid Key usage extensions and its usage description. ClientAuthentication: The public key is used for TLS WWW client authentication. CodeSigning: The public key is used for the signing of executable code. CRLSigning: The public key is used for verifying signatures on certificate revocation lists (CLRs). DataEncipherment: The public key is used for directly enciphering raw user data without the use of an intermediate symmetric cipher. DecipherOnly: The public key could be used for deciphering data while performing key agreement. DigitalSignature: The public key is used for verifying digital signatures, other than signatures on certificates and CRLs. EmailProtection: The public key is used for email protection. EncipherOnly: The public key could be used for enciphering data while performing key agreement. KeyCertSign: The public key is used for verifying signatures on public key certificates. KeyEncipherment: The public key is used for enciphering private or secret keys. NonRepudiation: The public key is used to verify digital signatures, other than signatures on certificates and CRLs, and used to provide a non- repudiation service that protects against the signing entity falsely denying some action. OCSPSigning: The public key is used for signing OCSP responses. ServerAuthentication: The public key is used for TLS WWW server authentication. Timestamping: The public key is used for binding the hash of an object to a time. - name: Organization type: string description: > The legal name of the organization. This should not be abbreviated and should include suffixes such as Inc, Corp, or LLC. For example, IBM Corp. This is a required parameter. - name: OrganizationalUnit type: string description: > The name of the unit or division of the organization making the request. This is a required parameter. - name: State type: string description: > The state or province where the organization is located. This should not be abbreviated. For example, Texas. This is a required parameter. - name: Surname type: string description: > The surname of the user making the request. - name: UnstructuredName type: string description: > The unstructured name of the subject. returns: - name: path type: string description: > The object path of the D-Bus object to be watch for retrieving the CSR string. errors: - xyz.openbmc_project.Common.Error.InternalFailure