pub async fn post_star_order(
auth: EstAuth,
label: LabelExtractor,
__arg2: State<Arc<AppState>>,
headers: HeaderMap,
body: Bytes,
) -> Result<Response, KipukaError>Expand description
POST /.well-known/est/star
Create a new STAR order. The client submits a PKCS#10 CSR (base64-
encoded, same as /simpleenroll) together with optional STAR-specific
headers:
| Header | Type | Default |
|---|---|---|
Star-Renewal-Interval | u64 s | [star].default_renewal_interval_secs |
Star-Lifetime | u32 d | [star].max_lifetime_days |
On success the server issues the first certificate, stores the order,
and returns 201 Created with a Star-Order-ID header.
§Authentication
Requires EST authentication (mTLS or OTP).
§Request
| Header | Value |
|---|---|
| Content-Type | application/pkcs10 |
| Body | Base64-encoded DER PKCS#10 CSR |
§Response
| Header | Value |
|---|---|
| Status | 201 Created |
| Content-Type | application/pkcs7-mime; smime-type=certs-only |
| Star-Order-ID | UUID of the created order |