Add Certificate to Liberty Truststore REST Service

Use the Add Certificate to Liberty Truststore REST Service to add a certificate to the IBM Security Guardium Key Lifecycle Manager Liberty truststore.

Operation
PUT
URL
https://host:port/SKLM/rest/v1/provider/certificates/importCertificate

By default, Guardium Key Lifecycle Manager server listens to the secure port 9443 (HTTPS) for communication. During IBM Security Guardium Key Lifecycle Manager installation, you can modify this default port.

Before you begin

Ensure that the server certificate is available in the SKLM_DATA directory. To do so, see Upload File to Server REST Service.

Request

Request Parameters
Parameter Description
host Specify the IP address or hostname of the IBM Security Guardium Key Lifecycle Manager server.
port Specify the port number on which the IBM Security Guardium Key Lifecycle Manager server listens for requests.
Request Headers
Header name Value
Content-Type application/json
Accept application/json
Authorization SKLMAuth userAuthId=<authIdValue>
Accept-Language Any valid locale that is supported by IBM Security Guardium Key Lifecycle Manager. For example, en or de.
Request Body

JSON object with the following specification:

JSON property name Description
certAlias

Required. Specify a unique name for the certificate. The name is not case-sensitive.

For example, if you specify MY Cert1, the value is stored as my cert1.
Note: Do not use a value that includes forward slash (/) or backward slash (\) characters; or that begins with three alphabetic characters followed by 18 numeric characters, such as aaa000000000000000002. IBM Security Guardium Key Lifecycle Manager uses this format to generate a key group with symmetric keys.
certFile Required. Specify the path to the certificate file to be added. For example, cert1.csr.

Response

Success Response Body

JSON object with the following specification.

JSON property name Description
code Returns the success code.
status Returns a message that describes the status.
Error Response Body

JSON object with the following specification.

JSON property name Description
code Returns the application error code.
status Returns a message that describes the error.

Example

Service request to add a certificate to the Liberty truststore
PUT https://localhost:port/SKLM/rest/v1/provider/certificates/importCertificate
{
 "certFile": "testcertificate.cer",
 "certAlias": "cert1"
}
Success response
{
  "code": "0",
  "status": "Succeeded"
}
Error response
{
  "code": "1",
  "status": "Failed to add the certificate !"
}