{"id":25190146,"url":"https://github.com/keyfactor/ejbca-go-client-sdk","last_synced_at":"2026-01-18T08:32:28.535Z","repository":{"id":176680417,"uuid":"595751731","full_name":"Keyfactor/ejbca-go-client-sdk","owner":"Keyfactor","description":"Client SDK in Golang for the EJBCA REST API","archived":false,"fork":false,"pushed_at":"2024-06-07T22:02:08.000Z","size":450,"stargazers_count":0,"open_issues_count":3,"forks_count":1,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-05-25T12:02:22.987Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Mustache","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Keyfactor.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-01-31T18:31:44.000Z","updated_at":"2024-07-26T04:07:23.000Z","dependencies_parsed_at":null,"dependency_job_id":"cfa5e4f9-4aba-422a-8ca9-1c3700ea1d4b","html_url":"https://github.com/Keyfactor/ejbca-go-client-sdk","commit_stats":null,"previous_names":["keyfactor/ejbca-go-client-sdk"],"tags_count":9,"template":false,"template_full_name":null,"purl":"pkg:github/Keyfactor/ejbca-go-client-sdk","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Keyfactor%2Fejbca-go-client-sdk","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Keyfactor%2Fejbca-go-client-sdk/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Keyfactor%2Fejbca-go-client-sdk/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Keyfactor%2Fejbca-go-client-sdk/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Keyfactor","download_url":"https://codeload.github.com/Keyfactor/ejbca-go-client-sdk/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Keyfactor%2Fejbca-go-client-sdk/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28534148,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-18T00:39:45.795Z","status":"online","status_checked_at":"2026-01-18T02:00:07.578Z","response_time":98,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-02-09T21:19:03.840Z","updated_at":"2026-01-18T08:32:28.510Z","avatar_url":"https://github.com/Keyfactor.png","language":"Mustache","readme":"# Go Client SDK for Keyfactor EJBCA\n\nThe Go Client SDK for Keyfactor EJBCA enables management of EJBCA resources utilizing the Go programming language.\n\n# Support for the Keyfactor EJBCA Go Client SDK\nWe welcome contributions.\n\nThe Keyfactor EJBCA Go Client SDK is open source and community supported, meaning that there is **no SLA** applicable for these tools.\n\n\u003e To report a problem or suggest a new feature, use the **[Issues](../../issues)** tab. If you want to contribute actual bug fixes or proposed enhancements, use the **[Pull requests](../../pulls)** tab.\n\n## Installation\n\nInstall the Go Client SDK for Keyfactor EJBCA using the `go get` command:\n\n```shell\ngo get github.com/Keyfactor/ejbca-go-client-sdk\n```\n\nPut the package under your project folder and add the following in import:\n\n```golang\nimport \"github.com/Keyfactor/ejbca-go-client-sdk/api/ejbca\"\n```\n\n## Configuration\n\nCommunication with the EJBCA REST API is authenticated using mTLS (client certificate) or OAuth 2.0 (token). Authentication is handled via the `ejbca.Authenticator` interface, and the SDK ships with two default implementations, described below.\n\nBoth the mTLS and OAuth authenticators enable configuration of a CA Certificate if the target EJBCA server doesn't serve a certificate signed by a publically trusted root. Your application may elect to source this CA certificate via an appropriate authentication mechanism, or provide the appropriate authenticator builder with a path. Both methods are demonstrated below.\n\nThe following code snippets demonstrate how to configure the EJBCA client with an mTLS authenticator:\n\n```go\nimport (\n    \"crypto/x509\"\n    \"fmt\"\n    \"crypto/tls\"\n\n    \"github.com/Keyfactor/ejbca-go-client-sdk/api/ejbca\"\n)\n\n// Source the CA chain by an appropriate method for your application\ncaChain := []byte(\"\u003cca chain source by your application\u003e\")\n\ncaCerts, err := x509.ParseCertificates(caChain)\nif err != nil {\n    panic(err)\n}\n\n// Source the client certificate and key by an appropriate method for your application\nclientCertificate := []byte(\"\u003cclient certificate source by your application\u003e\")\nclientKey := []byte(\"\u003cclient key source by your application\u003e\")\n\ntlsCert, err := tls.X509KeyPair(clientCertificate, clientKey)\nif err != nil {\n    panic(err)\n}\n\nauthenticator, err := ejbca.NewMTLSAuthenticatorBuilder().\n    WithClientCertificate(\u0026tlsCert).\n    WithCaCertificates(caCerts).\n    Build()\nif err != nil {\n    panic(err)\n}\n```\n\nThe `ejbca.MTLSAuthenticatorBuilder` can also source the client certificate, key and CA certificate from a provided path. It's important that the certificates at the specified paths be PEM encoded X.509 certificates, and the private key must be an unencrypted PKCS#8 key.\n\n```go\nimport \"github.com/Keyfactor/ejbca-go-client-sdk/api/ejbca\"\n\nauthenticator, err := ejbca.NewMTLSAuthenticatorBuilder().\n    WithClientCertificatePath(\"\u003cpath to client certificate\u003e\").\n    WithClientCertificateKeyPath(\"\u003cpath to client key\u003e\").\n    WithCaCertificatePath(\"\u003cpath to ca certificate\u003e\").\n    Build()\nif err != nil {\n    panic(err)\n}\n```\n\nOAuth2.0 is configured using the `ejbca.OAuthAuthenticatorBuilder`. Under the hood, this authenticator uses the `golang.org/x/oauth2/clientcredentials` package to implement the OAuth2.0 \"client credentials\" token flow, since the client is acting on its own behalf.\n\n```go\nimport \"github.com/Keyfactor/ejbca-go-client-sdk/api/ejbca\"\n\nauthenticator, err := ejbca.NewOAuthAuthenticatorBuilder().\n    WithCaCertificates(caCerts).\n//  WithCaCertificatePath(\"\u003cpath to ca certificate\u003e\").\n    WithTokenUrl(\"\u003curl to token endpoint\u003e\").\n    WithClientId(\"\u003cclient ID\u003e\").\n    WithClientSecret(\"\u003cclient secret\u003e\").\n    WithAudience(\"\u003coptional audience\").\n    WithScopes(\"\u003coptional scopes\u003e\").\n    Build()\nif err != nil {\n    panic(err)\n}\n```\n\nFinally, the EJBCA client is configured with the authenticator and the hostname of the EJBCA server:\n\n```go\nimport \"github.com/Keyfactor/ejbca-go-client-sdk/api/ejbca\"\n\nconfiguration := ejbca.NewConfiguration()\nconfiguration.Host = \"\u003chostname\u003e:\u003coptional port\u003e\"\nconfiguration.SetAuthenticator(authenticator)\n\nejbcaClient, err := ejbca.NewAPIClient(configuration)\nif err != nil {\n    panic(err)\n}\n```\n\n\u003e If neither authentication mechanism is suitable for your application, you can implement your own authenticator by implementing the `ejbca.Authenticator` interface.\n\n## Documentation for API Endpoints\n\nAll URIs are relative to *http://localhost/ejbca/ejbca-rest-api*\n\nClass | Method | HTTP request | Description\n------------ | ------------- | ------------- | -------------\n*V1CaApi* | [**CreateCrl**](docs/V1CaApi.md#createcrl) | **Post** /v1/ca/{issuer_dn}/createcrl | Create CRL(main, partition and delta) issued by this CA\n*V1CaApi* | [**GetCertificateAsPem**](docs/V1CaApi.md#getcertificateaspem) | **Get** /v1/ca/{subject_dn}/certificate/download | Get PEM file with the active CA certificate chain\n*V1CaApi* | [**GetLatestCrl**](docs/V1CaApi.md#getlatestcrl) | **Get** /v1/ca/{issuer_dn}/getLatestCrl | Returns the latest CRL issued by this CA\n*V1CaApi* | [**ImportCrl**](docs/V1CaApi.md#importcrl) | **Post** /v1/ca/{issuer_dn}/importcrl | Import a certificate revocation list (CRL) for a CA\n*V1CaApi* | [**ListCas**](docs/V1CaApi.md#listcas) | **Get** /v1/ca | Returns the Response containing the list of CAs with general information per CA as Json\n*V1CaApi* | [**Status1**](docs/V1CaApi.md#status1) | **Get** /v1/ca/status | Get the status of this REST Resource\n*V1CaManagementApi* | [**Activate**](docs/V1CaManagementApi.md#activate) | **Put** /v1/ca_management/{ca_name}/activate | Activate a CA\n*V1CaManagementApi* | [**Deactivate**](docs/V1CaManagementApi.md#deactivate) | **Put** /v1/ca_management/{ca_name}/deactivate | Deactivate a CA\n*V1CaManagementApi* | [**Status**](docs/V1CaManagementApi.md#status) | **Get** /v1/ca_management/status | Get the status of this REST Resource\n*V1CertificateApi* | [**CertificateRequest**](docs/V1CertificateApi.md#certificaterequest) | **Post** /v1/certificate/certificaterequest | Enrollment with client generated keys for an existing End Entity\n*V1CertificateApi* | [**EnrollKeystore**](docs/V1CertificateApi.md#enrollkeystore) | **Post** /v1/certificate/enrollkeystore | Keystore enrollment\n*V1CertificateApi* | [**EnrollPkcs10Certificate**](docs/V1CertificateApi.md#enrollpkcs10certificate) | **Post** /v1/certificate/pkcs10enroll | Enrollment with client generated keys, using CSR subject\n*V1CertificateApi* | [**FinalizeEnrollment**](docs/V1CertificateApi.md#finalizeenrollment) | **Post** /v1/certificate/{request_id}/finalize | Finalize enrollment\n*V1CertificateApi* | [**GetCertificatesAboutToExpire**](docs/V1CertificateApi.md#getcertificatesabouttoexpire) | **Get** /v1/certificate/expire | Get a list of certificates that are about to expire\n*V1CertificateApi* | [**RevocationStatus**](docs/V1CertificateApi.md#revocationstatus) | **Get** /v1/certificate/{issuer_dn}/{certificate_serial_number}/revocationstatus | Checks revocation status of the specified certificate\n*V1CertificateApi* | [**RevokeCertificate**](docs/V1CertificateApi.md#revokecertificate) | **Put** /v1/certificate/{issuer_dn}/{certificate_serial_number}/revoke | Revokes the specified certificate\n*V1CertificateApi* | [**SearchCertificates**](docs/V1CertificateApi.md#searchcertificates) | **Post** /v1/certificate/search | Searches for certificates confirming given criteria.\n*V1CertificateApi* | [**Status2**](docs/V1CertificateApi.md#status2) | **Get** /v1/certificate/status | Get the status of this REST Resource\n*V1ConfigdumpApi* | [**GetJsonConfigdump**](docs/V1ConfigdumpApi.md#getjsonconfigdump) | **Get** /v1/configdump | Get the configuration in JSON.\n*V1ConfigdumpApi* | [**GetJsonConfigdumpForType**](docs/V1ConfigdumpApi.md#getjsonconfigdumpfortype) | **Get** /v1/configdump/{type} | Get the configuration for type in JSON.\n*V1ConfigdumpApi* | [**GetJsonConfigdumpForTypeAndSetting**](docs/V1ConfigdumpApi.md#getjsonconfigdumpfortypeandsetting) | **Get** /v1/configdump/{type}/{setting} | Get the configuration for a type and setting in JSON.\n*V1ConfigdumpApi* | [**GetZipExport**](docs/V1ConfigdumpApi.md#getzipexport) | **Get** /v1/configdump/configdump.zip | Get the configuration as a ZIP file.\n*V1ConfigdumpApi* | [**PostJsonImport**](docs/V1ConfigdumpApi.md#postjsonimport) | **Post** /v1/configdump | Put the configuration in JSON.\n*V1ConfigdumpApi* | [**PostZipImport**](docs/V1ConfigdumpApi.md#postzipimport) | **Post** /v1/configdump/configdump.zip | Put the configuration as a ZIP file.\n*V1ConfigdumpApi* | [**Status4**](docs/V1ConfigdumpApi.md#status4) | **Get** /v1/configdump/status | Get the status of this REST Resource\n*V1CryptotokenApi* | [**Activate1**](docs/V1CryptotokenApi.md#activate1) | **Put** /v1/cryptotoken/{cryptotoken_name}/activate | Activate a Crypto Token\n*V1CryptotokenApi* | [**Deactivate1**](docs/V1CryptotokenApi.md#deactivate1) | **Put** /v1/cryptotoken/{cryptotoken_name}/deactivate | Deactivate a Crypto Token\n*V1CryptotokenApi* | [**GenerateKeys**](docs/V1CryptotokenApi.md#generatekeys) | **Post** /v1/cryptotoken/{cryptotoken_name}/generatekeys | Generate keys\n*V1CryptotokenApi* | [**RemoveKeys**](docs/V1CryptotokenApi.md#removekeys) | **Post** /v1/cryptotoken/{cryptotoken_name}/{key_pair_alias}/removekeys | Remove keys\n*V1CryptotokenApi* | [**Status5**](docs/V1CryptotokenApi.md#status5) | **Get** /v1/cryptotoken/status | Get the status of this REST Resource\n*V1EndentityApi* | [**Add**](docs/V1EndentityApi.md#add) | **Post** /v1/endentity | Add new end entity, if it does not exist\n*V1EndentityApi* | [**Delete**](docs/V1EndentityApi.md#delete) | **Delete** /v1/endentity/{endentity_name} | Deletes end entity\n*V1EndentityApi* | [**Revoke**](docs/V1EndentityApi.md#revoke) | **Put** /v1/endentity/{endentity_name}/revoke | Revokes all end entity certificates\n*V1EndentityApi* | [**Search**](docs/V1EndentityApi.md#search) | **Post** /v1/endentity/search | Searches for end entity confirming given criteria.\n*V1EndentityApi* | [**Setstatus**](docs/V1EndentityApi.md#setstatus) | **Post** /v1/endentity/{endentity_name}/setstatus | Edits end entity setting new status\n*V1EndentityApi* | [**Status6**](docs/V1EndentityApi.md#status6) | **Get** /v1/endentity/status | Get the status of this REST Resource\n*V1SshApi* | [**Pubkey**](docs/V1SshApi.md#pubkey) | **Get** /v1/ssh/{ca_name}/pubkey | Retrieves a CA\u0026#39;s public key in SSH format.\n*V1SshApi* | [**Status8**](docs/V1SshApi.md#status8) | **Get** /v1/ssh/status | Get the status of this REST Resource\n*V2CertificateApi* | [**GetCertificateProfileInfo**](docs/V2CertificateApi.md#getcertificateprofileinfo) | **Get** /v2/certificate/profile/{profile_name} | Get Certificate Profile Info.\n*V2CertificateApi* | [**SearchCertificates1**](docs/V2CertificateApi.md#searchcertificates1) | **Post** /v2/certificate/search | Searches for certificates confirming given criteria and pagination.\n*V2CertificateApi* | [**Status3**](docs/V2CertificateApi.md#status3) | **Get** /v2/certificate/status | Get the status of this REST Resource\n*V2EndentityApi* | [**GetAuthorizedEndEntityProfiles**](docs/V2EndentityApi.md#getauthorizedendentityprofiles) | **Get** /v2/endentity/profiles/authorized | List of authorized end entity profiles for the current admin.\n*V2EndentityApi* | [**Profile**](docs/V2EndentityApi.md#profile) | **Get** /v2/endentity/profile/{endentity_profile_name} | Get End Entity Profile content\n*V2EndentityApi* | [**SortedSearch**](docs/V2EndentityApi.md#sortedsearch) | **Post** /v2/endentity/search | Searches and sorts for end entity conforming given criteria.\n*V2EndentityApi* | [**Status7**](docs/V2EndentityApi.md#status7) | **Get** /v2/endentity/status | Get the status of this REST Resource\n\n\n## Documentation For Models\n\n - [AddEndEntityRestRequest](docs/AddEndEntityRestRequest.md)\n - [AuthorizedEEPsRestResponse](docs/AuthorizedEEPsRestResponse.md)\n - [CaInfoRestResponse](docs/CaInfoRestResponse.md)\n - [CaInfosRestResponse](docs/CaInfosRestResponse.md)\n - [CertificateProfileInfoRestResponseV2](docs/CertificateProfileInfoRestResponseV2.md)\n - [CertificateRequestRestRequest](docs/CertificateRequestRestRequest.md)\n - [CertificateRestResponse](docs/CertificateRestResponse.md)\n - [CertificateRestResponseV2](docs/CertificateRestResponseV2.md)\n - [CertificatesRestResponse](docs/CertificatesRestResponse.md)\n - [ConfigdumpResults](docs/ConfigdumpResults.md)\n - [CreateCrlRestResponse](docs/CreateCrlRestResponse.md)\n - [CrlRestResponse](docs/CrlRestResponse.md)\n - [CryptoTokenActivationRestRequest](docs/CryptoTokenActivationRestRequest.md)\n - [CryptoTokenKeyGenerationRestRequest](docs/CryptoTokenKeyGenerationRestRequest.md)\n - [EndEntityProfileResponse](docs/EndEntityProfileResponse.md)\n - [EndEntityProfileRestResponse](docs/EndEntityProfileRestResponse.md)\n - [EndEntityRestResponse](docs/EndEntityRestResponse.md)\n - [EndEntityRevocationRestRequest](docs/EndEntityRevocationRestRequest.md)\n - [EnrollCertificateRestRequest](docs/EnrollCertificateRestRequest.md)\n - [ExpiringCertificatesRestResponse](docs/ExpiringCertificatesRestResponse.md)\n - [ExtendedInformationRestRequestComponent](docs/ExtendedInformationRestRequestComponent.md)\n - [ExtendedInformationRestResponseComponent](docs/ExtendedInformationRestResponseComponent.md)\n - [FinalizeRestRequest](docs/FinalizeRestRequest.md)\n - [KeyStoreRestRequest](docs/KeyStoreRestRequest.md)\n - [Pagination](docs/Pagination.md)\n - [PaginationRestResponseComponent](docs/PaginationRestResponseComponent.md)\n - [PaginationSummary](docs/PaginationSummary.md)\n - [RestResourceStatusRestResponse](docs/RestResourceStatusRestResponse.md)\n - [RevokeStatusRestResponse](docs/RevokeStatusRestResponse.md)\n - [SearchCertificateCriteriaRestRequest](docs/SearchCertificateCriteriaRestRequest.md)\n - [SearchCertificateSortRestRequest](docs/SearchCertificateSortRestRequest.md)\n - [SearchCertificatesRestRequest](docs/SearchCertificatesRestRequest.md)\n - [SearchCertificatesRestRequestV2](docs/SearchCertificatesRestRequestV2.md)\n - [SearchCertificatesRestResponse](docs/SearchCertificatesRestResponse.md)\n - [SearchCertificatesRestResponseV2](docs/SearchCertificatesRestResponseV2.md)\n - [SearchEndEntitiesRestRequest](docs/SearchEndEntitiesRestRequest.md)\n - [SearchEndEntitiesRestRequestV2](docs/SearchEndEntitiesRestRequestV2.md)\n - [SearchEndEntitiesRestResponse](docs/SearchEndEntitiesRestResponse.md)\n - [SearchEndEntitiesSortRestRequest](docs/SearchEndEntitiesSortRestRequest.md)\n - [SearchEndEntityCriteriaRestRequest](docs/SearchEndEntityCriteriaRestRequest.md)\n - [SetEndEntityStatusRestRequest](docs/SetEndEntityStatusRestRequest.md)\n - [SshPublicKeyRestResponse](docs/SshPublicKeyRestResponse.md)\n\n\n## Application Notes\nThis API client was generated by the [OpenAPI Generator](https://openapi-generator.tech) project.  By using the [OpenAPI-spec](https://www.openapis.org/) from a remote server, you can easily generate an API client.\n\n- API version: 1.0\n- Package version: 1.0.0\n- Build package: org.openapitools.codegen.languages.GoClientCodegen\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkeyfactor%2Fejbca-go-client-sdk","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fkeyfactor%2Fejbca-go-client-sdk","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkeyfactor%2Fejbca-go-client-sdk/lists"}