reserved instance

Upload a key store certificate - curl

Import TLS certificate from a single self-contained PEM file into the queue manager's key store.

POST /v1/{service_instance_guid}/queue_managers/{queue_manager_id}/certificates/key_store

Request

Custom Headers  
Accept-Language
string

The acceptable list of languages supported in the client.

Possible values: 1 ≤ length ≤ 256, Value must match regular expression [a-zA-Z0-9\-;,\s.]*

Example: en-US,en;q=0.5

Path Parameters  
service_instance_guid
Required*
string

The GUID that uniquely identifies the IBM® MQ as a Service instance.

Possible values: length = 36, Value must match regular expression ^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$

Example: a2b4d4bc-dadb-4637-bcec-9b7d1e723af8

queue_manager_id
Required*
string

The id of the queue manager to retrieve its full details.

Possible values: length = 32, Value must match regular expression ^[0-9a-fA-F]{32}$

Example: b8e1aeda078009cf3db74e90d5d42328

Form parameters  
label
Required*
string

The label to use for the certificate to be uploaded.

Possible values: 1 ≤ length ≤ 64, Value must match regular expression ^[a-zA-Z0-9_.]*$

Example: certlabel

certificate_file
Required*
binary

The filename and path of the certificate to be uploaded.

Possible values: 1500 ≤ length ≤ 65537

Example request

curl -X POST --location --header "Authorization: Bearer ${iam_token}" --header "Accept: application/json" --header "Content-Type: multipart/form-data" --form 'label=certlabel' --form 'certificate_file=@tempdir/test-file.txt;type=application/octet-stream' "${base_url}/v1/${service_instance_guid}/queue_managers/${queue_manager_id}/certificates/key_store"

Response

Response Body
KeyStoreCertificateDetails
The details of a key store certificate in a queue manager certificate key store.
id
Always included*
string

Id of the certificate.

Possible values: 1 ≤ length ≤ 16, Value must match regular expression ^[0-9a-fA-F]*$

label
Always included*
string

Certificate label in queue manager store.

Possible values: 1 ≤ length ≤ 64, Value must match regular expression ^[a-zA-Z0-9_.]*$

certificate_type
Always included*
string

The type of certificate.

Possible values: [trust_store]

fingerprint_sha256
Always included*
string

Fingerprint SHA256.

Possible values: Value must match regular expression ^[A-F0-9]{2}(:[A-F0-9]{2}){31}$

subject_dn
Always included*
string
Subject's Distinguished Name.
subject_cn
Always included*
string
Subject's Common Name.
issuer_dn
Always included*
string
Issuer's Distinguished Name.
issued
Always included*
date-time
The Date the certificate was issued.
expiry
Always included*
date-time
Expiry date for the certificate.
trusted
Always included*
boolean
Indicates whether a certificate is trusted.
href
Always included*
string
The URL for this trust store certificate.
Status code  
201 An object containing details of the queue manager's key store certificate
301 URI has permanently Moved
400 Bad Request
401 Unauthorized
405 Method not allowed
409 Conflict
429 Service Is Overused
500 Internal Server Error
503 Service Unavailable Error

Example response

Success 201

{
  "id": "693d09e6f00e89d",
  "label": "qmgrcert",
  "certificate_type": "key_store",
  "fingerprint_sha256": "BB:C2:09:2B:0C:68:EC:D2:1A:09:DA:F7:51:8D:29:F3:64:88:21:65:40:02:BD:20:1B:11:91:50:8D:90:8B:66",
  "subject_dn": "CN=*.qm1.eu-de.mq.appdomain.cloud",
  "subject_cn": "*.qm1.eu-de.mq.appdomain.cloud",
  "issuer_dn": "CN=R3,O=Let's Encrypt,C=US",
  "issuer_cn": "R3",
  "issued": "2023-05-29T11:17:00Z",
  "expiry": "2023-08-27T11:16:59Z",
  "is_default": true,
  "dns_names_total_count": 1,
  "dns_names": [
    "*.qm1.eu-de.mq.appdomain.cloud"
  ],
  "href": "https://api.private.eu-de.mq2.cloud.ibm.com/v1/a2b4d4bc-dadb-4637-bcec-9b7d1e723af8/queue_managers/b8e1aeda078009cf3db74e90d5d42328/certificates/key_store/693d09e6f00e89d",
  "config": {
    "ams": {
      "channels": [
        {
          "name": "CLOUD.APP.SVRCONN"
        }
      ]
    }
  }
}