All Products
Search
Document Center

Certificate Management Service:Encrypt

Last Updated:Jul 31, 2024

Encrypts a certificate in a certificate repository.

Operation description

You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer.

Authorization information

There is currently no authorization information disclosed in the API.

Request parameters

ParameterTypeRequiredDescriptionExample
PlaintextstringYes

The data that you want to encrypt. The value of this parameter can be raw data or Base64-encoded data. For more information, see the description of the MessageType parameter. For example, if the hexadecimal data that you want to encrypt is [0x31, 0x32, 0x33, 0x34], the Base64-encoded data is MTIzNA==. The size of data that can be encrypted varies based on the encryption algorithm that you use. The following list describes the relationship between the encryption algorithms and data sizes:

  • RSAES_OAEP_SHA_1: 214 bytes
  • RSAES_OAEP_SHA_256: 190 bytes
  • SM2PKE: 6,047 bytes
1234***
CertIdentifierstringYes

The unique identifier of the certificate. You can call the ListCert operation to obtain the identifier.

  • If the certificate is an SSL certificate, the value of this parameter must be in the {Certificate ID}-cn-hangzhou format.
  • If the certificate is a private certificate, the value of this parameter must be the value of the Identifier field for the private certificate.
12345678-1234-1234-1234-12345678****
AlgorithmstringYes

The encryption algorithm. Valid values:

  • RSAES_OAEP_SHA_1
  • RSAES_OAEP_SHA_256
  • SM2PKE
RSAESOAEPSHA_1
MessageTypestringNo

The value type of the Message parameter. Valid values:

  • RAW: The value of the Plaintext parameter is directly encrypted. This is the default value.
  • Base64: The value of the Plaintext parameter is Base64-encoded data. The data is decoded and then encrypted.
RAW

Response parameters

ParameterTypeDescriptionExample
object

The response parameters.

CertIdentifierstring

The unique identifier of the certificate.

12345678-1234-1234-1234-12345678****
RequestIdstring

The ID of the request.

5979d897-d69f-4fc9-87dd-f3bb73c40b80
CiphertextBlobstring

The data after encryption. The value is encoded in Base64.

ZOyIygCyaOW6Gj****MlNKiuyjfzw=

Examples

Sample success responses

JSONformat

{
  "CertIdentifier": "12345678-1234-1234-1234-12345678****",
  "RequestId": "5979d897-d69f-4fc9-87dd-f3bb73c40b80",
  "CiphertextBlob": "ZOyIygCyaOW6Gj****MlNKiuyjfzw="
}

Error codes

For a list of error codes, visit the Service error codes.