← Back to Sealva

Technical Documentation

JSON format for importing external Certificate Sets into Sealva Mobile App

Overview

To import external Certificate Sets into the Sealva Mobile App, a QR code containing specific JSON data is required. This QR code provides the app with the necessary information to download and import certificate keystores.

QR Code JSON Format

The QR code must contain a JSON object with the following structure:

Fields

certUrl
The complete URL to the keystore collection endpoint
Format: https://backend.server.example/certSet
certSetName
The name of the Certificate Set (string)
certSetId
The unique ID of the Certificate Set (UUID) for internal reference purpose

Example

{
  "certUrl": "https://backend.server.example/certSet",
  "certSetName": "My Certificate Set",
  "certSetId": "550e8400-e29b-41d4-a716-446655440000"
}

Certificate Collection Response

When the Sealva app calls the certUrl, the server must respond with a JSON object containing references to the actual certificate keystores.

Response Structure

ca
Certificate Authority keystore object
ds
Document Signer keystore object
sksInfoVersion
Version of the SKS Info structure (always 2)
lastPublished
Timestamp of last publication (Unix timestamp in milliseconds)

Keystore Object Structure

Both ca and ds objects have the following fields:

format
For Sealva, only "zip" is supported
url
Download URL for the ZIP file containing the certificates (string)
lastupdate
Timestamp of last update (Unix timestamp in milliseconds)

Example Response

{
  "ca": {
    "format": "zip",
    "url": "https://backend.server.example/certSet/certSetId/ca.zip",
    "lastupdate": 1704297600000
  },
  "ds": {
    "format": "zip",
    "url": "https://backend.server.example/certSet/certSetId/ds.zip",
    "lastupdate": 1704297600000
  },
  "sksInfoVersion": 2,
  "lastPublished": 1704297600000
}

Import Process

  1. User scans the QR code in Sealva Mobile App
  2. App parses the JSON to extract certUrl, certSetName, and certSetId
  3. App calls the certUrl endpoint
  4. Server responds with the certificate collection JSON
  5. App downloads the ZIP files from ca.url and ds.url
  6. Certificates are imported and ready for VDS validation

← Back to Sealva