Change Certificate Alias REST Service

Use Change Certificate Alias REST Service to change the alias of a certificate present in the IBM Security Key Lifecycle Manager instance.

Note: The import conflict REST services make significant changes to the IBM Security Key Lifecycle Manager instance that might impact its operation and the communication with the storage device. You must carefully plan and evaluate the changes that are required on both IBM Security Key Lifecycle Manager and the storage device. The changes must be atomic; that is the changes must be done both on the IBM Security Key Lifecycle Manager system and the devices. The import conflict resolution REST services handle the changes for IBM Security Key Lifecycle Manager. For the complete process handling, you must take the guidance of your IBM support representative.

Operation: POST
URL: https://<host>:<port>/SKLM/rest/v1/ckms/conflictResolution/changeCertificateAlias

By default, IBM Security Key Lifecycle Manager server listens to non-secure port 80 (HTTP) and secure port 443 (HTTPS) for communication. During IBM Security Key Lifecycle Manager installation, you can modify these default ports. If you are using the default port for HTTP or HTTPS, the port is an optional part of the URL.

Request

Request Parameters

Parameter	Description
host	Specify the IP address or host name of the IBM Security Key Lifecycle Manager server.
port	Specify the port number on which the IBM Security Key Lifecycle Manager server listens for requests.

Request Headers

Header name	Value
Content-Type	`application/json`
Accept	`application/json`
Authorization	`SKLMAuth userAuthId=<authIdValue>`
Accept-Language	Any valid locale that is supported by IBM Security Key Lifecycle Manager. For example: `en` or `de`

Request body

JSON object with the following specification

Property name	Description
oldAlias	Specifies the existing value of the alias for the certificate present in IBM Security Key Lifecycle Manager system.
newAlias	Specifies the new value to be set for the alias of the certificate. This value must be unique in the IBM Security Key Lifecycle Manager system.

Response

Response Headers

Header name	Value and description
Status Code	200 OK The request was successful. The response body contains the requested representation. 400 Bad Request The authentication information was not provided in the correct format. 401 Unauthorized The authentication credentials were missing or incorrect. 500 Internal Server Error The processing of the request fails because of an unexpected condition on the server.
Content-Type	`application/json`
Content-Language	Locale for the response message.

Success response body

JSON object with the following specification

JSON property name	Description
code	Returns the value that is specified by the status property.
status	Returns the status to indicate whether the certificate alias is changed with an appropriate message.

Error Response Body

JSON object with the following specification.

JSON property name	Description
code	Returns the application error code.
message	Returns a message that describes the error.

Examples

Service request to change certificate alias

POST https://localhost:<port>/SKLM/rest/v1/ckms/conflictResolution/changeCertificateAlias
Content-Type: application/json
Accept: application/json
Authorization: SKLMAuth userAuthId=139aeh34567m
{"oldAlias" : "3592cert2" ,"newAlias" : "3592cert3"}

Success response

Status Code : 200 OK
 {"code":"0","status”:”Certificate alias successfully changed”}

Error response

Status Code: 500 Internal Server Error
{“code":"CTGKM2919E","message":"CTGKM2919E  Certificate with Alias name 3592cert3 already exists."}