Store cluster SSL certificate

Published Nov 18, 2020

This API call stores a cluster SSL certificate.

Authentication

To execute this request, you need the Service Provider API (ServiceProviderAPI) permission assigned to your API token. Generate your API token via Cluster Management Console (CMC). To learn how to obtain and use it, see Cluster API - Authentication.

Endpoint

/api/v1.0/onpremise/sslCertificate/store

Parameter

Parameter	Type	Description	In	Required
entityType	string	entity type, possible values = "SERVER, COLLECTOR" `COLLECTOR` `SERVER`	path	required
entityId	integer	Node ID, which can be extracted from the URL in 'Node details' view.	path	required
body	sslCertDto	SSL certificate configuration.	body	optional

Request body objects

The `sslCertDto` object

SSL certificate configuration.

Element	Type	Description	Required
certificateChainEncoded	string	Certificate(s) X.509 standard, PEM base64-encoded format, intermediate and root certificates	optional
privateKeyEncoded	string	Private key PKCS #8 standard, PEM base64-encoded format	required
publicKeyCertificateEncoded	string	Certificate X.509 standard, PEM base64-encoded format, server certificate	required

Request body JSON model

This is a model of the request body, showing the possible elements. It has to be adjusted for usage in an actual request.

{
  "certificateChainEncoded": "-----BEGIN CERTIFICATE-----\nMIIDKT...XbTK+M\n-----END CERTIFICATE-----\n-----BEGIN CERTIFICATE-----\nMIIDKT...bXTK+M\n-----END CERTIFICATE-----",
  "privateKeyEncoded": "-----BEGIN RSA PRIVATE KEY-----\nMIIEow...aHzMvp\n-----END RSA PRIVATE KEY-----",
  "publicKeyCertificateEncoded": "-----BEGIN CERTIFICATE-----\nMIIDKT...XbTK+M\n-----END CERTIFICATE-----"
}

Response

Response codes

Code	Type	Description
200	CertificateStoreStatus	Successful or in progress
400	CertificateStoreStatus	Incorrect entity type
500	-	Internal error
522	CertificateStoreStatus	Certificate chain is invalid
523	CertificateStoreStatus	Private key does not match public key certificate
525	CertificateStoreStatus	Public key certificate is invalid
526	CertificateStoreStatus	Private key is invalid
527	CertificateStoreStatus	Error while storing SSL certificate
528	CertificateStoreStatus	Certificate has been stored but has not been refreshed
529	CertificateStoreStatus	Internal error

Response body objects

The `CertificateStoreStatus` object

Element	Type	Description
certificateStoreStatus	string	- `BAD_REQUEST` `CERTIFICATE_CHAIN_IS_INVALID` `CERTIFICATE_IS_EXPIRED` `CERTIFICATE_STORED_BUT_NOT_REFRESHED` `ERROR` `GENERAL_ERROR_WHILE_STORING_CERTIFICATE` `IN_PROGRESS` `NOT_FOUND` `OK` `PRIVATE_KEY_DOES_NOT_MATCH_PUBLIC_KEY_CERTIFICATE` `PRIVATE_KEY_IS_INVALID` `PUBLIC_KEY_CERTIFICATE_IS_INVALID`
detailedError	string	-

Response body JSON model

{
  "certificateStoreStatus": "BAD_REQUEST",
  "detailedError": "string"
}

Example

In this example, you store the SSL certificate on 32 node of the myManaged.cluster.com cluster. In return you receive information that the SSL certificate was successfully updated. Make sure that your request is in JSON format. This means that the privateKeyEncoded, publicKeyCertificateEncoded and certificateChainEncoded objects are in a single line.

Curl

curl -X POST "http://myManaged.cluster.com/api/v1.0/onpremise/sslCertificate/store/SERVER/32" -H  "accept: application/json" -H  "Content-Type: application/json" -d "{\"privateKeyEncoded\":\"-----BEGIN RSA PRIVATE KEY-----\MIIEow...aHzMvp\-----END RSA PRIVATE KEY-----\",\"publicKeyCertificateEncoded\":\"-----BEGIN CERTIFICATE-----\MIIDKT...XbTK+M\-----END CERTIFICATE-----\",\"certificateChainEncoded\":\"-----BEGIN CERTIFICATE-----\MIIDKT...XbTK+M\-----END CERTIFICATE-----\-----BEGIN CERTIFICATE-----\MIIDKT...bXTK+M\-----END CERTIFICATE-----\"}"

Request URL

http://myManaged.cluster.com/api/v1.0/onpremise/sslCertificate/store/SERVER/32

Response body

Successfully updated. Response doesn't have a body.

Response code

200