Private key and certificate parameters

This section describes how to use the isPrivateKey/isPrivateCertificate and related fields when creating or updating a private key or certificate. When you update a certificate, SSH key, or PGP key, you can update the public certificate or key without having to provide the private certificate or key, respectively.

Note For SSH keys, publicKeyContent is required for DSA keys, but is optional for RSA keys.

REST API resource

Certificates

SSH or PGP keys

POST /api/v2/products/id/certificates

POST /api/v2/products/id/sshkeys

POST /api/v2/products/id/pgpkeys

  • In create mode, the product certificate must be a private  certificate.
  • The certificateContent and cetificatePassword are mandatory.
  • You must set isPrivateCertificate to true. 
  • In create mode, the product SSH/PGP key must be a private  key.
  • The keyContent is  mandatory.
  • The keyPassword is mandatory for PGP key, and optional for SSH key
  • You must set isPrivateKey true. 

PUT /api/v2/products/id/certificates

PUT /api/v2/products/id/sshkeys

PUT /api/v2/products/id/pgpkeys

 

  • If isPrivateCertificate=true:
    • The  private certificateContent must be a private certificate.
    • The certificatePassword is required.
  • If isPrivateCertificate=false:
    • The public certificateContent must be a public certificate.
  • If you do not provide isPrivateCertificate:
    • The certificate content type is autodetected based on certificateContent.

In UPDATE mode, you can replace the corresponding certificate with a public one. This allows for the updating of certificates imported during registration, such as the SecureTransport admind.

  • If isPrivateKey=true:
    • The keyContent must be a private key.
    • The keyPassword is required.
  • If isPrivateKey=false:
    • The keyContent must be a public key.
  • If you do not provide isPrivateKey:
    • The key content type is autodetected based on keyContent.

In UPDATE mode, you can replace the corresponding certificate with a public one. This allows for the updating of keys imported during registration, such as the SecureTransport admind.

POST /api/v2/products/id/communicationprofiles

PUT /api/v2/products/id/communicationprofiles

  • Same as POST /api/v2/products/id/certificates for new certificates.
  • Same as PUT /api/v2/products/id/certificates for updating certificates.

The certificateAlias takes the value of the certificate name.

  • Same as POST /api/v2/products/id/keys for new keys.
  • Same as PUT /api/v2/products/id/keys for updating keys.

The keyAlias takes the value of the key name.

POST /api/v2/partners

PUT /api/v2/partners

  • The certificateContent must be a public certificate.
  • The certificateContent is mandatory
  • You must set isPrivateCertificate to false.
  • The keyContent must be a public key.
  • The keyContent is mandatory.
  • You must set isPrivateKey to false.

For certificates and keys created during registration, isPrivateCertificate and isPrivateKey (respectively) are set to false. You can update just the public part of these certificates/keys.

 

Central Governance | Document Directory

Related Links