SSL certificates and keys
Use this REST API to import your own console Secure Sockets Layer (SSL) certificates or restore the original ones that were provided with Cloud Pak System.
Import SSL certificate and key
The following method imports a console SSL certificate and key into the system.| Resource | Value | |
|---|---|---|
| URI | /admin/resources/console_cert_key | |
| Method | PUT | |
| Returns | 202 | The SSL certificate and key were imported successfully. |
| 400 | An error occurred while parsing the JSON data in the request, or the data is missing required attributes and values. | |
| 403 | The requester does not have sufficient permissions to import the SSL certificate and key. | |
| 500 | An internal error occurred while processing the request. | |
Request body
Note: The certificate and key file that you import should be in
privacy enhanced mail (PEM) format. PEM is a standard for sending secure email over the Internet.
The certificate file typically has a .crt file extension, and the key file typically has a .key file
extension. The certificate and key files in PEM format contain Base 64-encoded text that displays as
normal text at the top and bottom of the files.
The certificate and key attributes are required and correspond to the server certificate and its associated private key.
Optionally, include the passphrase and
chain attributes in the request body.
- passphrase
- The passphrase text if the specified private key is encrypted with a passphrase. The passphrase text may be Base64-encoded for inclusion in the request body.
- chain
- The Base64-encoded contents of the chain file contain only the root and/or intermediate CA certificates necessary to complete the chain of trust. The server certificate should not be included in the chain file.
Replace the <Base64-encoded file contents> and <passphrase
text> values with the appropriately encoded text.
{"certificate":"<Base64-encoded certificate file contents>","key":"<Base64-encoded private key file contents>"
[, "passphrase":"<passphrase text>", "chain":"<Base-64-encoded CA certificate chain file contents"]}Response body
The following response is returned with a failure occurs:
{
"id": "CWZIP8580",
"messages": { "message": "CWZIP8580E ...", "lang": "en_US"},
"type": "Error", "time": "Mon 03 Mar 2014 18:03:43.987 UTC",
"suggestedAction": "Not Applicable",
"uri": "/resources/console_cert_key" }Restore original console SSL certificate and key
The following method restores the original console SSL certificate and key that was provided with the system.| Resource | Value | |
|---|---|---|
| URI | /admin/resources/console_cert_key?reset=T | |
| Method | PUT | |
| Returns | 202 | The original console SSL certificate and key were restored successfully. |
| 400 | The reset parameter value is not valid. | |
| 403 | The requester does not have sufficient permissions to restore the original console SSL certificate and key. | |
| 500 | An internal error occurred while processing the request. | |
Request body
None.
Response body
The
following response is returned with a failure occurs:
{
"id": "CWZIP8580",
"messages": { "message": "CWZIP8580E ...", "lang": "en_US"},
"type": "Error", "time": "Mon 03 Mar 2014 18:03:43.987 UTC",
"suggestedAction": "Not Applicable",
"uri": "/resources/console_cert_key" }