Trusted CA Management Service
{ http://soa.com/uri/products/pkiservice/wsdl/1.0 } TrustedCAServiceREST
This API is used to query and manipulate trusted certificates.
POST/certificatesUpload a trusted certificate
Add a trusted certificate to the system. An alias for the certificate may be provided. If none is specified, a random UUID value is used. System Administrator access privileges are required.
Request:
POST /rest/trustedca/certificates HTTP/1.1
Content-Type: multipart/form-data;type="application/octet-stream";boundary="boundary"
Accept: application/json
--boundary
... [binary data]
--boundary--
Response:
HTTP/1.1 200 OK
{
"alias": "1533534158",
"base64": "MIIDJjCCAg6gAwIBAgIICxRP...6FbG+zBnSQOGRsDpGSw",
"issuer": "cn=test1,ou=akana,o=perforce,l=la,st=ca,c=us",
"subject": "cn=test1,ou=akana,o=perforce,l=la,st=ca,c=us",
"notBefore": 1576084016000,
"notAfter": 1733936816000,
"version": 0,
"serialNumber": 798350879637234159,
"links": [
{
"rel": "self",
"type": "application/json",
"href": "http://localhost:9900/rest/trustedca/certificates/1533534158"
},
{
"rel": "binary",
"type": "application/octet-stream",
"href": "http://localhost:9900/rest/trustedca/certificates/1533534158"
},
{
"rel": "delete",
"href": "http://localhost:9900/rest/trustedca/certificates/1533534158"
}
]
}
Parameters
Reponse
atomLink {
CertificateType {
entry {
stringArray {
POST/certificatesAdd a trusted certificate
Add a trusted certificate to the system. An alias for the certificate may be provided. If none is specified, a random UUID value is used. System Administrator access privileges are required.
Request:
POST /rest/trustedca/certificates HTTP/1.1
Content-Type: application/json
Accept: application/json
{
"alias": "alias1",
"base64": "MIIDJjCCAg6gAwIBAgIICxRP...6FbG+zBnSQOGRsDpGSw"
}
Response:
HTTP/1.1 200 OK
{
"certificates": [
{
"alias": "alias1",
"base64": "MIIDJjCCAg6gAwIBAgIICxRP...6FbG+zBnSQOGRsDpGSw",
"issuer": "cn=test1,ou=akana,o=perforce,l=la,st=ca,c=us",
"subject": "cn=test1,ou=akana,o=perforce,l=la,st=ca,c=us",
"notBefore": 1576084016000,
"notAfter": 1733936816000,
"version": 0,
"serialNumber": 798350879637234159
}
],
"links": [
{
"rel": "self",
"type": "application/json",
"href": "http://localhost:9900/rest/trustedca/certificates/alias1"
},
{
"rel": "binary",
"type": "application/octet-stream",
"href": "http://localhost:9900/rest/trustedca/certificates/alias1"
},
{
"rel": "delete",
"href": "http://localhost:9900/rest/trustedca/certificates/alias1"
}
]
}
Parameters
atomLink {
entry {
stringArray {
Reponse
atomLink {
CertificateType {
entry {
stringArray {
POST/certificates deprecated Deprecated. Add a certificate using a form
Deprecated. Please use the JSON or multipart operations to add a certificate.
Parameters
Reponse
GET/certificatesGet trusted certificates
Get a list of all trusted certificates in the system. Each entry will not include the certificate data, but will include a self link that may be used to retrieve detailed information, including the certificate as a base64 encoded string. If the client has authority to add a new trusted certificate, the response will include an add link with the URL of the endpoint to POST any new trusted certificates.
Request:
GET /rest/trustedca/certificates HTTP/1.1
Accept: application/json
Response:
HTTP/1.1 200 OK
{
"certificates": [
{
"alias": "smca",
"issuer": "cn=policymanager,ou=akana,o=perforce,l=la,st=ca,c=us",
"subject": "cn=policymanager,ou=akana,o=perforce,l=la,st=ca,c=us",
"notBefore": 1576106819000,
"notAfter": 1672315200000,
"version": 0,
"serialNumber": 294,
"links": [
{
"rel": "self",
"type": "application/json",
"href": "http://localhost:9900/rest/trustedca/certificates/smca"
},
{
"rel": "binary",
"type": "application/octet-stream",
"href": "http://localhost:9900/rest/trustedca/certificates/smca"
},
{
"rel": "delete",
"href": "http://localhost:9900/rest/trustedca/certificates/smca"
}
]
},
{
"alias": "1533534158",
"issuer": "cn=nd1,ou=akana,o=perforce,l=la,st=ca,c=us",
"subject": "cn=nd1,ou=akana,o=perforce,l=la,st=ca,c=us",
"notBefore": 1576084016000,
"notAfter": 1733936816000,
"version": 0,
"serialNumber": 798350879637234159,
"links": [
{
"rel": "self",
"type": "application/json",
"href": "http://localhost:9900/rest/trustedca/certificates/1533534158"
},
{
"rel": "binary",
"type": "application/octet-stream",
"href": "http://localhost:9900/rest/trustedca/certificates/1533534158"
},
{
"rel": "delete",
"href": "http://localhost:9900/rest/trustedca/certificates/1533534158"
}
]
},
{
"alias": "2181-9f4d-41d4-b8fb-fb3de97b595a",
"issuer": "cn=pm1,ou=akana,o=perforce,l=la,st=ca,c=us",
"subject": "cn=pm1,ou=akana,o=perforce,l=la,st=ca,c=us",
"notBefore": 1576083555000,
"notAfter": 1733936355000,
"version": 0,
"serialNumber": 3385896318653270171,
"links": [
{
"rel": "self",
"type": "application/json",
"href": "http://localhost:9900/rest/trustedca/certificates/-1357046979"
},
{
"rel": "binary",
"type": "application/octet-stream",
"href": "http://localhost:9900/rest/trustedca/certificates/-1357046979"
},
{
"rel": "delete",
"href": "http://localhost:9900/rest/trustedca/certificates/-1357046979"
}
]
}
],
"links": [
{
"rel": "self",
"href": "http://localhost:9900/rest/trustedca/certificates"
},
{
"rel": "add",
"href": "http://localhost:9900/rest/trustedca/certificates"
}
]
}
Reponse
atomLink {
CertificateType {
entry {
stringArray {
GET/certificates/{alias}Get trusted certificate binary
Get a trusted certificate as raw bytes given a specified alias.
Request:
GET /rest/trustedca/certificates/1533534158 HTTP/1.1
Accept: application/octet-stream
Response:
HTTP/1.1 200 OK
[binary data]
Parameters
Reponse
DELETE/certificates/{alias}Remove a trusted certificate
Remove a trusted certificate from the system. The certificate to be deleted is identified by its alias. System Administrator access privileges are required.
Parameters
DELETE/certificates/expiredRemove all expired trusted certificates from a given system date in UTC
DELETE/certificates/{alias} deprecated Deprecated. Delete a certificate usign a form
Deprecated. Please use the non-form operations to add a certificate.
Parameters
POST/certificates/keystoreUploads trusted ca certificate from jks or pkcs12 keystore
Uploads trusted ca certificate from jks or pkcs12 keystore. System Administrator access privileges are required.
Request:
POST /rest/trustedca/certificates/keystore HTTP/1.1
Content-Type: multipart/form-data;type="application/octet-stream";boundary="boundary"
Accept: application/json
--boundary
... [binary data]
--boundary--
Response:
HTTP/1.1 200 OK
[
{
"certificates": [
{
"alias": "1331014746",
"issuer": "cn=akana,ou=perforce,o=gj,l=parker,st=co,c=us",
"subject": "cn=akana,ou=perforce,o=gj,l=parker,st=co,c=us",
"notBefore": 1644422395000,
"notAfter": 1675958395000,
"version": 0,
"serialNumber": 1644422395
}
],
"links": [
{
"rel": "self",
"href": "http://localhost:9900/rest/trustedca/certificates/1331014746"
},
{
"rel": "delete",
"href": "http://localhost:9900/rest/trustedca/certificates/1331014746"
}
]
},
{
"certificates": [
{
"alias": "1973160435",
"issuer": "cn=copa_cert,ou=akanae,o=perforce,l=denver,st=co,c=us",
"subject": "cn=copa_cert,ou=akanae,o=perforce,l=denver,st=co,c=us",
"notBefore": 1665520984000,
"notAfter": 1823287384000,
"version": 0,
"serialNumber": 1665520984
}
],
"links": [
{
"rel": "self",
"href": "http://localhost:9900/rest/trustedca/certificates/1973160435"
},
{
"rel": "delete",
"href": "http://localhost:9900/rest/trustedca/certificates/1973160435"
}
]
}
]
Parameters
Reponse
atomLink {
CertificateType {
entry {
stringArray {
GET/certificates/{alias}Get trusted certificate
Get information for a trusted certificate given a specified alias.
Request:
GET /rest/trustedca/certificates/1533534158 HTTP/1.1
Accept: application/json
Response:
HTTP/1.1 200 OK
{
"certificates": [
{
"alias":"1533534158",
"base64": "MIIDJjCCAg6gAwIBAgIILv0ewz...OQN98Fgexl3gM0949iavID",
"issuer": "cn=pm1,ou=akana,o=perforce,l=la,st=ca,c=us",
"subject": "cn=pm1,ou=akana,o=perforce,l=la,st=ca,c=us",
"notBefore": 1576083555000,
"notAfter": 1733936355000,
"version": 0,
"serialNumber": 3385896318653270171
}
],
"links": [
{
"rel": "self",
"href": "http://localhost:9900/rest/trstedca/certificates/1533534158"
}
]
}
Parameters
Reponse
atomLink {
CertificateType {
entry {
stringArray {