Hi,
I need to find a way to import/submit SCR and receive a certificate from Microsoft CA via some endpoint. The best option is REST, but if there is another API (SOAP or other protocol) allowing to do a request from our server to Microsoft CA will be good enough.
Let's say that CA runs on Windows Server 2012 or upper.
I found that there are a few options here:
1. Terminal utils like certreq
2. AFAIK, .Net platform allowing to send/import CSR
3. CA Web Enrollment
4. CA Web Services
Terminal utils will not work for me, I need to do a call programmatically.
Our server is an on-prem solution and written on Java. It may run on Windows and Unix-based platforms and we have customers that run it on Unix... It means that the first option is not really an option...
The second option allows uploading an SCR to Microsoft CA via a browser, i.e. I can try to submit an HTML form and parse a response...extract the link for the cert, but it feels it is not the best option.
I found that the windows server contains the component called CA Web Services that theoretically allowing what I want, but the problem I can't find how to use it. I followed the guidance here: https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/hh831625(v=ws.11) and Certificate Enrollment Policy Web Service and Certificate Enrollment Web Service are enabled on the server.
This topic is new to me. So it will be nice if someone could say to me that I'm looking in the right direction and send me a link to the documentation. And if it's not the right direction, maybe someone knows a better option.
Thanks in advance