Trusted CA Management Service
{ http://soa.com/uri/products/pkiservice/wsdl/1.0 } TrustedCAServiceREST
This API is used to query and manipulate trusted certificates.
POST/certificatesUpload a trusted certificate
Add a trusted certificate to the system. An alias for the certificate may be provided. If none is specified, a random UUID value is used. System Administrator access privileges are required.
Request:
POST /rest/trustedca/certificates HTTP/1.1
Content-Type: multipart/form-data;type="application/octet-stream";boundary="boundary"
Accept: application/json
--boundary
... [binary data]
--boundary--
Response:
HTTP/1.1 200 OK
{
"alias": "1533534158",
"base64": "MIIDJjCCAg6gAwIBAgIICxRP...6FbG+zBnSQOGRsDpGSw",
"issuer": "cn=test1,ou=akana,o=perforce,l=la,st=ca,c=us",
"subject": "cn=test1,ou=akana,o=perforce,l=la,st=ca,c=us",
"notBefore": 1576084016000,
"notAfter": 1733936816000,
"version": 0,
"serialNumber": 798350879637234159,
"links": [
{
"rel": "self",
"type": "application/json",
"href": "http://localhost:9900/rest/trustedca/certificates/1533534158"
},
{
"rel": "binary",
"type": "application/octet-stream",
"href": "http://localhost:9900/rest/trustedca/certificates/1533534158"
},
{
"rel": "delete",
"href": "http://localhost:9900/rest/trustedca/certificates/1533534158"
}
]
}
Parameters
Accepts multipart/form-data
Name
Type
Description
Model
alias
query
An optional query parameter for the alias to be used.
string
body
entity
A multipart message containing the certificate as a binary stream.
base64Binary
Reponse
Produces application/jsonapplication/xml
Status Code
Reason
Model
200
CertificateChainType
CertificateChainType {
atomLink {
CertificateType {
entry {
stringArray {
Links( Collection of atomLink )
Certificate( Collection of CertificateType )
}
atomLink {
hreflang( string )
length( string )
rel( string )
href( anyURI )
title( string )
type( string )
lang( string )
base( anyURI )
}
CertificateType {
notAfter( dateTime )
serialNumber( integer )
subject( string )
base64( string )
alias( string )
Links( Collection of atomLink )
subjectAltNames( Collection of entry )
version( int )
issuer( string )
notBefore( dateTime )
}
entry {
value( stringArray )
key( string )
}
stringArray {
item( Collection of string )
}
300
The request did not include a valid multipart stream
409
The supplied alias is already in use
POST/certificatesAdd a trusted certificate
Add a trusted certificate to the system. An alias for the certificate may be provided. If none is specified, a random UUID value is used. System Administrator access privileges are required.
Request:
POST /rest/trustedca/certificates HTTP/1.1
Content-Type: application/json
Accept: application/json
{
"alias": "alias1",
"base64": "MIIDJjCCAg6gAwIBAgIICxRP...6FbG+zBnSQOGRsDpGSw"
}
Response:
HTTP/1.1 200 OK
{
"certificates": [
{
"alias": "alias1",
"base64": "MIIDJjCCAg6gAwIBAgIICxRP...6FbG+zBnSQOGRsDpGSw",
"issuer": "cn=test1,ou=akana,o=perforce,l=la,st=ca,c=us",
"subject": "cn=test1,ou=akana,o=perforce,l=la,st=ca,c=us",
"notBefore": 1576084016000,
"notAfter": 1733936816000,
"version": 0,
"serialNumber": 798350879637234159
}
],
"links": [
{
"rel": "self",
"type": "application/json",
"href": "http://localhost:9900/rest/trustedca/certificates/alias1"
},
{
"rel": "binary",
"type": "application/octet-stream",
"href": "http://localhost:9900/rest/trustedca/certificates/alias1"
},
{
"rel": "delete",
"href": "http://localhost:9900/rest/trustedca/certificates/alias1"
}
]
}
Parameters
Accepts application/json
Name
Type
Description
Model
body
entity
CertificateType
CertificateType {
atomLink {
entry {
stringArray {
notAfter( dateTime )
serialNumber( integer )
subject( string )
base64( string )
alias( string )
Links( Collection of atomLink, required )
subjectAltNames( Collection of entry )
version( int, required )
issuer( string )
notBefore( dateTime )
}
atomLink {
hreflang( string )
length( string )
rel( string )
href( anyURI, required )
title( string )
type( string )
lang( string )
base( anyURI )
}
entry {
value( stringArray )
key( string )
}
stringArray {
item( Collection of string )
}
Reponse
Produces application/jsonapplication/xml
Status Code
Reason
Model
200
Success
CertificateChainType
CertificateChainType {
atomLink {
CertificateType {
entry {
stringArray {
Links( Collection of atomLink )
Certificate( Collection of CertificateType )
}
atomLink {
hreflang( string )
length( string )
rel( string )
href( anyURI )
title( string )
type( string )
lang( string )
base( anyURI )
}
CertificateType {
notAfter( dateTime )
serialNumber( integer )
subject( string )
base64( string )
alias( string )
Links( Collection of atomLink )
subjectAltNames( Collection of entry )
version( int )
issuer( string )
notBefore( dateTime )
}
entry {
value( stringArray )
key( string )
}
stringArray {
item( Collection of string )
}
POST/certificates deprecated Deprecated. Add a certificate using a form
Deprecated. Please use the JSON or multipart operations to add a certificate.
Parameters
Accepts application/x-www-form-urlencoded
Name
Type
Description
Model
location
form
string
Cert
form
Base64 encoded certificate bytes.
string
Reponse
Produces text/plain
Status Code
Reason
Model
200
Success
string
GET/certificatesGet trusted certificates
Get a list of all trusted certificates in the system. Each entry will not include the certificate data, but will include a self link that may be used to retrieve detailed information, including the certificate as a base64 encoded string. If the client has authority to add a new trusted certificate, the response will include an add link with the URL of the endpoint to POST any new trusted certificates.
Request:
GET /rest/trustedca/certificates HTTP/1.1
Accept: application/json
Response:
HTTP/1.1 200 OK
{
"certificates": [
{
"alias": "smca",
"issuer": "cn=policymanager,ou=akana,o=perforce,l=la,st=ca,c=us",
"subject": "cn=policymanager,ou=akana,o=perforce,l=la,st=ca,c=us",
"notBefore": 1576106819000,
"notAfter": 1672315200000,
"version": 0,
"serialNumber": 294,
"links": [
{
"rel": "self",
"type": "application/json",
"href": "http://localhost:9900/rest/trustedca/certificates/smca"
},
{
"rel": "binary",
"type": "application/octet-stream",
"href": "http://localhost:9900/rest/trustedca/certificates/smca"
},
{
"rel": "delete",
"href": "http://localhost:9900/rest/trustedca/certificates/smca"
}
]
},
{
"alias": "1533534158",
"issuer": "cn=nd1,ou=akana,o=perforce,l=la,st=ca,c=us",
"subject": "cn=nd1,ou=akana,o=perforce,l=la,st=ca,c=us",
"notBefore": 1576084016000,
"notAfter": 1733936816000,
"version": 0,
"serialNumber": 798350879637234159,
"links": [
{
"rel": "self",
"type": "application/json",
"href": "http://localhost:9900/rest/trustedca/certificates/1533534158"
},
{
"rel": "binary",
"type": "application/octet-stream",
"href": "http://localhost:9900/rest/trustedca/certificates/1533534158"
},
{
"rel": "delete",
"href": "http://localhost:9900/rest/trustedca/certificates/1533534158"
}
]
},
{
"alias": "2181-9f4d-41d4-b8fb-fb3de97b595a",
"issuer": "cn=pm1,ou=akana,o=perforce,l=la,st=ca,c=us",
"subject": "cn=pm1,ou=akana,o=perforce,l=la,st=ca,c=us",
"notBefore": 1576083555000,
"notAfter": 1733936355000,
"version": 0,
"serialNumber": 3385896318653270171,
"links": [
{
"rel": "self",
"type": "application/json",
"href": "http://localhost:9900/rest/trustedca/certificates/-1357046979"
},
{
"rel": "binary",
"type": "application/octet-stream",
"href": "http://localhost:9900/rest/trustedca/certificates/-1357046979"
},
{
"rel": "delete",
"href": "http://localhost:9900/rest/trustedca/certificates/-1357046979"
}
]
}
],
"links": [
{
"rel": "self",
"href": "http://localhost:9900/rest/trustedca/certificates"
},
{
"rel": "add",
"href": "http://localhost:9900/rest/trustedca/certificates"
}
]
}
Reponse
Produces application/jsonapplication/xml
Status Code
Reason
Model
200
Success
TrustedCertificatesType
TrustedCertificatesType {
atomLink {
CertificateType {
entry {
stringArray {
Links( Collection of atomLink )
Certificate( Collection of CertificateType )
}
atomLink {
hreflang( string )
length( string )
rel( string )
href( anyURI )
title( string )
type( string )
lang( string )
base( anyURI )
}
CertificateType {
notAfter( dateTime )
serialNumber( integer )
subject( string )
base64( string )
alias( string )
Links( Collection of atomLink )
subjectAltNames( Collection of entry )
version( int )
issuer( string )
notBefore( dateTime )
}
entry {
value( stringArray )
key( string )
}
stringArray {
item( Collection of string )
}
GET/certificates/{alias}Get trusted certificate binary
Get a trusted certificate as raw bytes given a specified alias.
Request:
GET /rest/trustedca/certificates/1533534158 HTTP/1.1
Accept: application/octet-stream
Response:
HTTP/1.1 200 OK
[binary data]
Parameters
Name
Type
Description
Model
alias
path
The alias identifying the required certificate.
string
Reponse
Produces application/octet-stream
Status Code
Reason
Model
200
Success
byte
DELETE/certificates/{alias}Remove a trusted certificate
Remove a trusted certificate from the system. The certificate to be deleted is identified by its alias. System Administrator access privileges are required.
Parameters
Name
Type
Description
Model
alias
path
The alias identifying the certificate to delete.
string
DELETE/certificates/expiredRemove all expired trusted certificates from a given system date in UTC
DELETE/certificates/{alias} deprecated Deprecated. Delete a certificate usign a form
Deprecated. Please use the non-form operations to add a certificate.
Parameters
Accepts application/x-www-form-urlencoded
Name
Type
Description
Model
alias
path
string
POST/certificates/keystoreUploads trusted ca certificate from jks or pkcs12 keystore
Uploads trusted ca certificate from jks or pkcs12 keystore. System Administrator access privileges are required.
Request:
POST /rest/trustedca/certificates/keystore HTTP/1.1
Content-Type: multipart/form-data;type="application/octet-stream";boundary="boundary"
Accept: application/json
--boundary
... [binary data]
--boundary--
Response:
HTTP/1.1 200 OK
[
{
"certificates": [
{
"alias": "1331014746",
"issuer": "cn=akana,ou=perforce,o=gj,l=parker,st=co,c=us",
"subject": "cn=akana,ou=perforce,o=gj,l=parker,st=co,c=us",
"notBefore": 1644422395000,
"notAfter": 1675958395000,
"version": 0,
"serialNumber": 1644422395
}
],
"links": [
{
"rel": "self",
"href": "http://localhost:9900/rest/trustedca/certificates/1331014746"
},
{
"rel": "delete",
"href": "http://localhost:9900/rest/trustedca/certificates/1331014746"
}
]
},
{
"certificates": [
{
"alias": "1973160435",
"issuer": "cn=copa_cert,ou=akanae,o=perforce,l=denver,st=co,c=us",
"subject": "cn=copa_cert,ou=akanae,o=perforce,l=denver,st=co,c=us",
"notBefore": 1665520984000,
"notAfter": 1823287384000,
"version": 0,
"serialNumber": 1665520984
}
],
"links": [
{
"rel": "self",
"href": "http://localhost:9900/rest/trustedca/certificates/1973160435"
},
{
"rel": "delete",
"href": "http://localhost:9900/rest/trustedca/certificates/1973160435"
}
]
}
]
Parameters
Accepts multipart/form-data
Name
Type
Description
Model
body
entity
The uploaded file.
base64Binary
Reponse
Produces application/jsonapplication/xml
Status Code
Reason
Model
201
The PKI information was successfully created
CertificateChainType
CertificateChainType {
atomLink {
CertificateType {
entry {
stringArray {
Links( Collection of atomLink )
Certificate( Collection of CertificateType )
}
atomLink {
hreflang( string )
length( string )
rel( string )
href( anyURI )
title( string )
type( string )
lang( string )
base( anyURI )
}
CertificateType {
notAfter( dateTime )
serialNumber( integer )
subject( string )
base64( string )
alias( string )
Links( Collection of atomLink )
subjectAltNames( Collection of entry )
version( int )
issuer( string )
notBefore( dateTime )
}
entry {
value( stringArray )
key( string )
}
stringArray {
item( Collection of string )
}
404
A service with the given keys could not be found
GET/certificates/{alias}Get trusted certificate
Get information for a trusted certificate given a specified alias.
Request:
GET /rest/trustedca/certificates/1533534158 HTTP/1.1
Accept: application/json
Response:
HTTP/1.1 200 OK
{
"certificates": [
{
"alias":"1533534158",
"base64": "MIIDJjCCAg6gAwIBAgIILv0ewz...OQN98Fgexl3gM0949iavID",
"issuer": "cn=pm1,ou=akana,o=perforce,l=la,st=ca,c=us",
"subject": "cn=pm1,ou=akana,o=perforce,l=la,st=ca,c=us",
"notBefore": 1576083555000,
"notAfter": 1733936355000,
"version": 0,
"serialNumber": 3385896318653270171
}
],
"links": [
{
"rel": "self",
"href": "http://localhost:9900/rest/trstedca/certificates/1533534158"
}
]
}
Parameters
Name
Type
Description
Model
alias
path
The alias identifying the required certificate.
string
Reponse
Produces application/jsonapplication/xml
Status Code
Reason
Model
200
Success
CertificateChainType
CertificateChainType {
atomLink {
CertificateType {
entry {
stringArray {
Links( Collection of atomLink )
Certificate( Collection of CertificateType )
}
atomLink {
hreflang( string )
length( string )
rel( string )
href( anyURI )
title( string )
type( string )
lang( string )
base( anyURI )
}
CertificateType {
notAfter( dateTime )
serialNumber( integer )
subject( string )
base64( string )
alias( string )
Links( Collection of atomLink )
subjectAltNames( Collection of entry )
version( int )
issuer( string )
notBefore( dateTime )
}
entry {
value( stringArray )
key( string )
}
stringArray {
item( Collection of string )
}
