How to create a DSC
A DSC (Document Signer Certificate) is an intermediate X.509 certificate used to digitally sign Mobile Security Objects (MSOs) in mDocs.
Request
Make a request of the following structure to create a DSC:
POST /v2/credentials/mobile/document-signers
{
"active": true,
"commonName": "MATTR DSC",
"notAfter": "2024-08-26"
}
active
: This required parameter defines the status of the created DSC. Only active (true
) DSCs can be used to sign mDocs.commonName
: This optional parameter indicates the common name of the DSC certificate. When specified, the value must be a validPrintableString
and cannot be an empty string. If not provided and a custom domain is configured and verified, the custom domain is used followed by the words Document Signer. If no custom domain is configured, the tenant subdomain is used instead.notAfter
: This optional paramter defines the date after which the DSC can no longer be used to sign mDocs. If not provided, defaults to 365 days. Maximum value is 457 days.
Response
{
"id": "e7ffdcb3-be6b-4476-a1a9-bbb92db1bc0f",
"active": true,
"publicKeyJwk": {
"kty": "EC",
"crv": "P-256",
"x": "3roTNEegJH4Y3QNRDCfBe8K0_rBYL8FoYvyJEaDSYWI",
"y": "ZXvaLVjQIHJHAUcWR5jPcYBLkdQPum4h5i0EJ1iYxx4"
},
"certificatePem": "-----BEGIN CERTIFICATE-----\r\nMIIB7zCCAZWgAwIBAgIKVvisuUgAu633uzAKBggqhkjOPQQDAjAgMR4wCQYDVQQG\r\nEwJOWjARBgNVBAMTCk1BVFRSIElBQ0EwHhcNMjMwODA4MDAwOTIxWhcNMjQwODAy\r\nMDAwOTIxWjAfMR0wCQYDVQQGEwJOWjAQBgNVBAMTCU1BVFRSIERTQzBZMBMGByqG\r\nSM49AgEGCCqGSM49AwEHA0IABN66EzRHoCR+GN0DUQwnwXvCtP6wWC/BaGL8iRGg\r\n0mFiZXvaLVjQIHJHAUcWR5jPcYBLkdQPum4h5i0EJ1iYxx6jgbcwgbQwEgYDVR0T\r\nAQH/BAgwBgEB/wIBAzAdBgNVHQ4EFgQU1fqFUtZavQ4hgjh8AyjJpJeEWuswHwYD\r\nVR0jBBgwFoAUjjXBxoeCHztXWKK0abLha7Pn/EgwDgYDVR0PAQH/BAQDAgCAMBwG\r\nA1UdEQQVMBOBEWluZm9AbWF0dHIuZ2xvYmFsMBwGA1UdEgQVMBOBEWluZm9AbWF0\r\ndHIuZ2xvYmFsMBIGA1UdJQQLMAkGByiBjF0FAQIwCgYIKoZIzj0EAwIDSAAwRQIg\r\nKwQAsGozvv4zzNN8nbDI7aCfWA14e9JxsbveD5nRgTMCIQCE7h9AxvYAMpP+iyS/\r\nX9cZo87CcUTOJSU7Am2Y7WEDfg==\r\n-----END CERTIFICATE-----\r\n",
"certificateFingerprint": "f6cad6e579d70b3973efa60624af731a580d1a11a7579e70f2f10f059dc86172",
"certificateData": {
"notAfter": "2024-08-26T00:09:21.000Z",
"notBefore": "2023-08-08T00:09:21.000Z",
"commonName": "MATTR DSC",
"country": "NZ"
}
}
id
: Each DSC created on MATTR VII will have a unique identifier which must be provided when using this DSC to sign an mDoc.active
: Indicates the DSC status. Only active (true
) DSCs can be used to sign mDocs.publicKeyJwk
: JWK format of the DSC public key.certificatePEM
: Certificate PEM format.certificateFingerprint
: DSC Hash that includes all certificate data and its signature.certificateData
: Key details of the created DSC:notAfter
: DSC expiry date. Cannot be later than thenotAfter
of the IACA used to sign the DSC.notBefore
: DSC creation date. Cannot be earlier than thenotBefore
date of the IACA used to issue the DSC.commonName
: DSC name, as provided in the request.country
: Country of the IACAβs issuer.