Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
JavaScript running on the client takes over submission of the certificate signing request. However, it sends it to us via AJAX, where we then submit to the CA, receive the certificate, and then send back to the client.
So we need to add a route & handler for this.
Comments
Comment #2
colanComment #3
colanHow to create Custom RESTful API in Drupal 8How to receive JSON data in controller with Drupal 8?How to set required POST parameters for routesCreate a public custom Drupal 8 REST webserviceDrupal Console should get us going with
drupal generate:plugin:rest:resource
.We may also need to write a plug-in using the Authentication API as "basic authentication" definitely won't cut it, and "cookies" may not either, but needs testing. Or if we can't use cookies, maybe we can find an existing contrib module.
Comment #4
colanemboss wrote:
Comment #5
colanFor now, we're just going to use the "cookie" authentication provider. This is user-account access, but we'll allow anonymous users as per the Permissions at https://www.drupal.org/docs/8/api/restful-web-services-api/restful-web-s..., and then do our own authentication via
PKIRACertificateSigningRequestProcessor::requestIsAuthenticated()
at the start of thepost()
method in the resource class.Later, we can come up with an Authentication Provider using
drupal generate:authentication:provider
along with these guides:Could also create a new contrib module for it and publish at Using other authentication protocols.
Comment #7
colan