Store cluster SSL certificate

This API call stores a cluster SSL certificate.

Authentication

To execute this request, you need the Service Provider API (ServiceProviderAPI) permission assigned to your API token. Generate your API token via Cluster Management Console (CMC). To learn how to obtain and use it, see Cluster API - Authentication.

Endpoint

/api/v1.0/onpremise/sslCertificate/store

Parameter

Parameter
Type
Description
In
Required
entityType
string

entity type, possible values = "SERVER, COLLECTOR"

  • COLLECTOR
  • SERVER
path
required
entityId
integer

Node ID, which can be extracted from the URL in 'Node details' view.

path
required
body

SSL certificate configuration.

body
optional

Request body objects

The sslCertDto object

SSL certificate configuration.

Element
Type
Description
Required
certificateChainEncoded
string

Certificate(s) X.509 standard, PEM base64-encoded format, intermediate and root certificates

optional
privateKeyEncoded
string

Private key PKCS #8 standard, PEM base64-encoded format

required
publicKeyCertificateEncoded
string

Certificate X.509 standard, PEM base64-encoded format, server certificate

required

Request body JSON model

This is a model of the request body, showing the possible elements. It has to be adjusted for usage in an actual request.

{
  "certificateChainEncoded": "-----BEGIN CERTIFICATE-----\nMIIDKT...XbTK+M\n-----END CERTIFICATE-----\n-----BEGIN CERTIFICATE-----\nMIIDKT...bXTK+M\n-----END CERTIFICATE-----",
  "privateKeyEncoded": "-----BEGIN RSA PRIVATE KEY-----\nMIIEow...aHzMvp\n-----END RSA PRIVATE KEY-----",
  "publicKeyCertificateEncoded": "-----BEGIN CERTIFICATE-----\nMIIDKT...XbTK+M\n-----END CERTIFICATE-----"
}

Response

Response codes

Code
Type
Description
200

Successful or in progress

400

Incorrect entity type

500
-

Internal error

522

Certificate chain is invalid

523

Private key does not match public key certificate

525

Public key certificate is invalid

526

Private key is invalid

527

Error while storing SSL certificate

528

Certificate has been stored but has not been refreshed

529

Internal error

Response body objects

The CertificateStoreStatus object

Element
Type
Description
certificateStoreStatus
string
-
  • BAD_REQUEST
  • CERTIFICATE_CHAIN_IS_INVALID
  • CERTIFICATE_IS_EXPIRED
  • CERTIFICATE_STORED_BUT_NOT_REFRESHED
  • ERROR
  • GENERAL_ERROR_WHILE_STORING_CERTIFICATE
  • IN_PROGRESS
  • NOT_FOUND
  • OK
  • PRIVATE_KEY_DOES_NOT_MATCH_PUBLIC_KEY_CERTIFICATE
  • PRIVATE_KEY_IS_INVALID
  • PUBLIC_KEY_CERTIFICATE_IS_INVALID
detailedError
string
-

Response body JSON model

{
  "certificateStoreStatus": "BAD_REQUEST",
  "detailedError": "string"
}

Example

In this example, you store the SSL certificate on 32 node of the myManaged.cluster.com cluster. In return you receive information that the SSL certificate was successfully updated. Make sure that your request is in JSON format. This means that the privateKeyEncoded, publicKeyCertificateEncoded and certificateChainEncoded objects are in a single line.

Curl

curl -X POST "https://myManaged.cluster.com/api/v1.0/onpremise/sslCertificate/store/SERVER/32" -H  "accept: application/json" -H  "Content-Type: application/json" -d "{\"privateKeyEncoded\":\"-----BEGIN RSA PRIVATE KEY-----\MIIEow...aHzMvp\-----END RSA PRIVATE KEY-----\",\"publicKeyCertificateEncoded\":\"-----BEGIN CERTIFICATE-----\MIIDKT...XbTK+M\-----END CERTIFICATE-----\",\"certificateChainEncoded\":\"-----BEGIN CERTIFICATE-----\MIIDKT...XbTK+M\-----END CERTIFICATE-----\-----BEGIN CERTIFICATE-----\MIIDKT...bXTK+M\-----END CERTIFICATE-----\"}"

Request URL

https://myManaged.cluster.com/api/v1.0/onpremise/sslCertificate/store/SERVER/32

Response body

Successfully updated. Response doesn't have a body.

Response code

200