I'm working on a project and we want to know it if could be possible to Layer 7 Gateway to parser a PKCS#10 CSR. Does exist any possibility? I've been researching on manuals but I was not able to find something yet.
I had a glance at the "Creating CA API Gateway Custom Assertions" file and I read this:
"Custom Assertions are modules that are added to a CA API Gateway to add functionality to be executed in a service policy. They typically implement proprietary business logic, as opposed to standard-compliant mechanisms supported by CA Technologies.
This document describes how to create and install Custom Assertions on a CA API Gateway."
Do you think it is possible to create a custom assertion which when gets a PKCS#10 request, extracts information from it and creates a SOAP message?
Message was edited by: Andres J. Cremades Cremades Monserrat
NEW INFORMATION ADDED
Since this is the APM community, how does APM play into thia?
Oh, s**t, wrong place. Sorry!
Yes, you should be able to build a custom assertion to do this using the Bouncy Castle crypto APIs: bouncycastle.org . The Gateway itself uses Bouncy Castle (~/Gateway/runtime/lib/bcprov-jdk16-1.46.jar in 8.x).
Extracting X509 Extensions from a CSR using the Bouncy Castle APIs » unitstep.net
Thanks MattVan, I will check it out. By the way, I post another option/answer I received from another CA specialist as well:
Yes we have an assertion within the Mag implementation that does this. We use it for generating private keys for mobile devices within ios, android and cordova. The idea behind it is to:
This can all be done in your solution yes. [...]