Central Governance 1.1.3 Users Guide Save PDF Selected topic Selected topic and subtopics All content Private key and certificate parameters This section describes how to use the isPrivateKey/isPrivateCertificate and related fields when creating or updating a private key or certificate. When you update a certificate, SSH key, or PGP key, you can update the public certificate or key without having to provide the private certificate or key, respectively. Note For SSH keys, publicKeyContent is required for DSA keys, but is optional for RSA keys. REST API resource Certificates SSH or PGP keys POST /api/v2/products/id/certificates POST /api/v2/products/id/sshkeys POST /api/v2/products/id/pgpkeys In create mode, the product certificate must be a private certificate. The certificateContent and cetificatePassword are mandatory. You must set isPrivateCertificate to true. In create mode, the product SSH/PGP key must be a private key. The keyContent is mandatory. The keyPassword is mandatory for PGP key, and optional for SSH key You must set isPrivateKey true. PUT /api/v2/products/id/certificates PUT /api/v2/products/id/sshkeys PUT /api/v2/products/id/pgpkeys If isPrivateCertificate=true:The private certificateContent must be a private certificate. The certificatePassword is required. If isPrivateCertificate=false: The public certificateContent must be a public certificate. If you do not provide isPrivateCertificate: The certificate content type is autodetected based on certificateContent. In UPDATE mode, you can replace the corresponding certificate with a public one. This allows for the updating of certificates imported during registration, such as the SecureTransport admind. If isPrivateKey=true: The keyContent must be a private key. The keyPassword is required. If isPrivateKey=false: The keyContent must be a public key. If you do not provide isPrivateKey: The key content type is autodetected based on keyContent. In UPDATE mode, you can replace the corresponding certificate with a public one. This allows for the updating of keys imported during registration, such as the SecureTransport admind. POST /api/v2/products/id/communicationprofiles PUT /api/v2/products/id/communicationprofiles Same as POST /api/v2/products/id/certificates for new certificates. Same as PUT /api/v2/products/id/certificates for updating certificates. The certificateAlias takes the value of the certificate name. Same as POST /api/v2/products/id/keys for new keys. Same as PUT /api/v2/products/id/keys for updating keys. The keyAlias takes the value of the key name. POST /api/v2/partners PUT /api/v2/partners The certificateContent must be a public certificate. The certificateContent is mandatory You must set isPrivateCertificate to false. The keyContent must be a public key. The keyContent is mandatory. You must set isPrivateKey to false. For certificates and keys created during registration, isPrivateCertificate and isPrivateKey (respectively) are set to false. You can update just the public part of these certificates/keys. Central Governance | Document Directory Related Links
Private key and certificate parameters This section describes how to use the isPrivateKey/isPrivateCertificate and related fields when creating or updating a private key or certificate. When you update a certificate, SSH key, or PGP key, you can update the public certificate or key without having to provide the private certificate or key, respectively. Note For SSH keys, publicKeyContent is required for DSA keys, but is optional for RSA keys. REST API resource Certificates SSH or PGP keys POST /api/v2/products/id/certificates POST /api/v2/products/id/sshkeys POST /api/v2/products/id/pgpkeys In create mode, the product certificate must be a private certificate. The certificateContent and cetificatePassword are mandatory. You must set isPrivateCertificate to true. In create mode, the product SSH/PGP key must be a private key. The keyContent is mandatory. The keyPassword is mandatory for PGP key, and optional for SSH key You must set isPrivateKey true. PUT /api/v2/products/id/certificates PUT /api/v2/products/id/sshkeys PUT /api/v2/products/id/pgpkeys If isPrivateCertificate=true:The private certificateContent must be a private certificate. The certificatePassword is required. If isPrivateCertificate=false: The public certificateContent must be a public certificate. If you do not provide isPrivateCertificate: The certificate content type is autodetected based on certificateContent. In UPDATE mode, you can replace the corresponding certificate with a public one. This allows for the updating of certificates imported during registration, such as the SecureTransport admind. If isPrivateKey=true: The keyContent must be a private key. The keyPassword is required. If isPrivateKey=false: The keyContent must be a public key. If you do not provide isPrivateKey: The key content type is autodetected based on keyContent. In UPDATE mode, you can replace the corresponding certificate with a public one. This allows for the updating of keys imported during registration, such as the SecureTransport admind. POST /api/v2/products/id/communicationprofiles PUT /api/v2/products/id/communicationprofiles Same as POST /api/v2/products/id/certificates for new certificates. Same as PUT /api/v2/products/id/certificates for updating certificates. The certificateAlias takes the value of the certificate name. Same as POST /api/v2/products/id/keys for new keys. Same as PUT /api/v2/products/id/keys for updating keys. The keyAlias takes the value of the key name. POST /api/v2/partners PUT /api/v2/partners The certificateContent must be a public certificate. The certificateContent is mandatory You must set isPrivateCertificate to false. The keyContent must be a public key. The keyContent is mandatory. You must set isPrivateKey to false. For certificates and keys created during registration, isPrivateCertificate and isPrivateKey (respectively) are set to false. You can update just the public part of these certificates/keys. Central Governance | Document Directory