Import System Certificate REST Service
Use the Import Server Certificate REST Service to import a public-private key pair.
- Operation
POST
- URL
- https://host:port/SKLM/rest/v1/system/certificates/keystore/import
By default, Guardium Key Lifecycle Manager server listens to the secure port 9443 (HTTPS) for communication. During IBM Security Guardium Key Lifecycle Manager installation, you can modify this default port.
Request
Parameter | Description |
---|---|
host | Specify the IP address or hostname of the IBM Security Guardium Key Lifecycle Manager server. |
port | Specify the port number on which the IBM Security Guardium Key Lifecycle Manager server listens for requests. |
Header name | Value |
---|---|
Content-Type | application/json |
Accept | application/json |
Authorization | SKLMAuth userAuthId=<authIdValue> |
Accept-Language | Any valid locale that is supported by IBM Security Guardium Key Lifecycle Manager. For example, en or de. |
JSON object with the following specification:
JSON property name | Description |
---|---|
file | Specify the file name and path of the public-private key pair that you want to
import. The file must be in .p12 format. |
alias | Specify the alias of the certificate. This property is required when the IBM Security Guardium Key Lifecycle Manager keystore contains multiple private keys. It is not required when the keystore file contains only one private key. |
password | Specify the password that you used to export the certificate file. This
parameter is required if the type parameter is private key. If you export private keys to a PKCS#12 file, ensure that the file with the key is wrapped with a FIPS-approved method before the file leaves the computer. |
newAlias | Specify a new value for the key alias. |
usageSubtype | Specify the usage type of the certificate. You can specify multiple usage
types in comma-separated format. For a public-private key pair certificate, specify any of the following certificate usage types:
|
Response
Header name | Value and description |
---|---|
Status Code |
|
Content-Type | application/json |
Content-Language | Locale for the response message. |
JSON object with the following specification:
JSON property name | Description |
---|---|
code | Returns the code that is specified by the status property. |
status | Returns the status to indicate whether the certificate is imported successfully. |
JSON object with the following specification.
JSON property name | Description |
---|---|
code | Returns the application error code. |
message | Returns a message that describes the error. |
Examples
- Service request to import a certificate
-
POST https://localhost:port/SKLM/rest/v1/system/certificates/keystore/import
- Invalid service request where the certificate type is incorrect
-
POST https://localhost:port/SKLM/rest/v1/system/certificates/keystore/import