Store cluster SSL certificate
This API call stores a cluster SSL certificate.
Authentication
To execute this request, you need the Service Provider API (ServiceProviderAPI) permission assigned to your API token. Generate your API token via Cluster Management Console (CMC). To learn how to obtain and use it, see Cluster API - Authentication.
Endpoint
/api/v1.0/onpremise/sslCertificate/store
Parameter
| Parameter | Type | Description | In | Required |
|---|---|---|---|---|
| entityType | string | entity type, possible values = "SERVER, COLLECTOR"
| path | required |
| entityId | integer | Node ID, which can be extracted from the URL in 'Node details' view. | path | required |
| body | sslCertDto | SSL certificate configuration. | body | optional |
Request body objects
The sslCertDto object
SSL certificate configuration.
| Element | Type | Description | Required |
|---|---|---|---|
| certificateChainEncoded | string | Certificate(s) X.509 standard, PEM base64-encoded format, intermediate and root certificates | optional |
| privateKeyEncoded | string | Private key PKCS #8 standard, PEM base64-encoded format | required |
| publicKeyCertificateEncoded | string | Certificate X.509 standard, PEM base64-encoded format, server certificate | required |
Request body JSON model
This is a model of the request body, showing the possible elements. It has to be adjusted for usage in an actual request.
{"certificateChainEncoded": "-----BEGIN CERTIFICATE-----\nMIIDKT...XbTK+M\n-----END CERTIFICATE-----\n-----BEGIN CERTIFICATE-----\nMIIDKT...bXTK+M\n-----END CERTIFICATE-----","privateKeyEncoded": "-----BEGIN RSA PRIVATE KEY-----\nMIIEow...aHzMvp\n-----END RSA PRIVATE KEY-----","publicKeyCertificateEncoded": "-----BEGIN CERTIFICATE-----\nMIIDKT...XbTK+M\n-----END CERTIFICATE-----"}
Response
Response codes
| Code | Type | Description |
|---|---|---|
| 200 | CertificateStoreStatus | Successful or in progress |
| 400 | CertificateStoreStatus | Incorrect entity type |
| 500 | - | Internal error |
| 522 | CertificateStoreStatus | Certificate chain is invalid |
| 523 | CertificateStoreStatus | Private key does not match public key certificate |
| 525 | CertificateStoreStatus | Public key certificate is invalid |
| 526 | CertificateStoreStatus | Private key is invalid |
| 527 | CertificateStoreStatus | Error while storing SSL certificate |
| 528 | CertificateStoreStatus | Certificate has been stored but has not been refreshed |
| 529 | CertificateStoreStatus | Internal error |
Response body objects
The CertificateStoreStatus object
| Element | Type | Description |
|---|---|---|
| certificateStoreStatus | string | -
|
| detailedError | string | - |
Response body JSON model
{"certificateStoreStatus": "BAD_REQUEST","detailedError": "string"}
Example
In this example, you store the SSL certificate on 32 node of the myManaged.cluster.com cluster. In return you receive information that the SSL certificate was successfully updated. Make sure that your request is in JSON format. This means that the privateKeyEncoded, publicKeyCertificateEncoded and certificateChainEncoded objects are in a single line.
Curl
curl -X POST "https://myManaged.cluster.com/api/v1.0/onpremise/sslCertificate/store/SERVER/32" -H "accept: application/json" -H "Content-Type: application/json" -d "{\"privateKeyEncoded\":\"-----BEGIN RSA PRIVATE KEY-----\MIIEow...aHzMvp\-----END RSA PRIVATE KEY-----\",\"publicKeyCertificateEncoded\":\"-----BEGIN CERTIFICATE-----\MIIDKT...XbTK+M\-----END CERTIFICATE-----\",\"certificateChainEncoded\":\"-----BEGIN CERTIFICATE-----\MIIDKT...XbTK+M\-----END CERTIFICATE-----\-----BEGIN CERTIFICATE-----\MIIDKT...bXTK+M\-----END CERTIFICATE-----\"}"
Request URL
https://myManaged.cluster.com/api/v1.0/onpremise/sslCertificate/store/SERVER/32
Response body
Successfully updated. Response doesn't have a body.
Response code
200