Uanataca Timestamp does **not** expose a REST/OpenAPI API. The service follows **RFC-3161** (Time-Stamp Protocol, TSP): you send a timestamp query (`.tsq`) and receive a timestamp response (`.tsr`). This page describes the workflow using **OpenSSL** and **curl**. You need: - **OpenSSL** — to create the `.tsq` and verify the `.tsr` - **curl** — to send the request to the TSA endpoint with authentication - **Billing credentials** — username and password for the environment you use Endpoints: production `https://tsa.uanataca.com/tsa/tss03`, sandbox `https://tsa.sandbox.uanataca.com/tsa/tss03`. Replace `billing_username` and `billing_password` in the examples with your Billing credentials. ## Step 1: Hash generation (create timestamp query) The original document is **not** sent to the TSA. You send a **hash** of the data. The timestamp request (`.tsq`) is built from a **SHA-256** digest. ### Command Generate a timestamp query file from a file (e.g. `testfile.pdf`): ```bash openssl ts -query -data testfile.pdf -no_nonce -sha256 -out request.tsq ``` - `-data testfile.pdf` — input file to hash (use the file you want to timestamp) - `-no_nonce` — do not include a nonce (optional, can be omitted if your TSA accepts nonce) - `-sha256` — use SHA-256 for the message imprint - `-out request.tsq` — output file for the timestamp query ### Result The file **request.tsq** is the timestamp query ready to send in the next step. ## Step 2: Timestamp request (send query to TSA) Send the `.tsq` file to the TSA over HTTP with `Content-Type: application/timestamp-query` and **HTTP Basic Auth** using your Billing credentials. ### Linux / macOS ```bash curl -H 'Content-Type: application/timestamp-query' \ --data-binary @request.tsq \ https://tsa.uanataca.com/tsa/tss03 \ -o response.tsr \ -u billing_username:billing_password ``` ### Windows (PowerShell / cmd) ```bash curl -H "Content-Type: application/timestamp-query" --data-binary @request.tsq https://tsa.uanataca.com/tsa/tss03 -o response.tsr -u billing_username:billing_password ``` Use **sandbox** for testing: ```bash curl -H 'Content-Type: application/timestamp-query' \ --data-binary @request.tsq \ https://tsa.sandbox.uanataca.com/tsa/tss03 \ -o response.tsr \ -u billing_username:billing_password ``` ### Parameters | Option | Description | | --- | --- | | `-H 'Content-Type: application/timestamp-query'` | Required content type for RFC-3161 request | | `--data-binary @request.tsq` | Send the contents of `request.tsq` as the request body | | `-o response.tsr` | Save the TSA response into `response.tsr` | | `-u billing_username:billing_password` | HTTP Basic Auth with your Billing credentials | ### Result The file **response.tsr** contains the signed timestamp token (hash + date/time) and can be used for verification or attachment to the original data. ## Step 3: Verification (inspect timestamp response) Verify the timestamp response to confirm status and content. ### Command ```bash openssl ts -reply -in response.tsr -text ``` ### Example output The output includes status, policy, hash algorithm, message digest, serial number, time, and TSA identity, for example: ```text Status info: Status: Granted. Status description: unspecified Failure info: unspecified TST info: Version: 1 Policy OID: 0.4.0.2023.1.1 Hash Algorithm: sha256 Message data: 0000 - 22 e7 e9 67 5c 6b d7 ea-b6 7f 35 f0 e4 32 c6 9c "..g\k....5..2.. ... Serial number: 0x69C8C103117F52 Time stamp: Nov 11 17:11:42 2020 GMT Accuracy: 0x01 seconds, unspecified millis, unspecified micros Ordering: no Nonce: unspecified TSA: DirName:/C=ES/L=Barcelona/O=UANATACA S.A./OU=TSP-UANATACA/CN=Sello cualificado de tiempo electrónico de UANATACA – TSU01/... Extensions: qcStatements: ... ``` - **Status: Granted** — the timestamp was issued successfully. - **Time stamp** — the time bound to the hash. - **TSA** — identifies the Uanataca TSA certificate. Use this step to ensure the response is valid before storing or using the `.tsr`. ## Complete workflow summary | Step | Tool | Input | Output | | --- | --- | --- | --- | | 1. Hash / query | OpenSSL | Document (e.g. `testfile.pdf`) | `request.tsq` | | 2. Request | curl | `request.tsq` + URL + credentials | `response.tsr` | | 3. Verify | OpenSSL | `response.tsr` | Human-readable TST info | ## Related documentation - [Get started with Timestamp](/products/namirialpkiaas/timestamp/enterprise-documentation/get-started/get-started) — Endpoints and Billing authentication - [Timestamp homepage](/products/namirialpkiaas/timestamp/homepage) — Service description and documentation index