Pending Client Certificate List REST Service
Use Pending Client Certificate List REST Service to list pending certificates that are pushed to the server from a client device for secure communication with IBM Security Guardium Key Lifecycle Manager.
Acceptance marks the certificate as trusted and
allows the
client device to establish secure communication with IBM Security Guardium Key Lifecycle Manager. The
certificate is added to the keystore. Rejection removes the certificate
from the pending list and prevents its use for secure communication
between the device and the server.
- Operation
GET
- URL
- https://<host>:<port>/SKLM/rest/v1/pendingClientCertificates
By default, Guardium Key Lifecycle Manager server listens to the secure port 9443 (HTTPS) for communication. During IBM Security Guardium Key Lifecycle Manager installation, you can modify this default port.
Request
Request Parameters
Parameter | Description |
---|---|
host | Specify the IP address or hostname of the IBM Security Guardium Key Lifecycle Manager server. |
port | Specify the port number on which the IBM Security Guardium Key Lifecycle Manager server listens for requests. |
Request Headers
Header name | Value |
---|---|
Content-Type | application/json |
Accept | application/json |
Authorization | SKLMAuth userAuthId=<authIdValue> |
Accept-Language | Any valid locale that is supported by IBM Security Guardium Key Lifecycle Manager. For example, en or de. |
Response
Response Headers
Header name | Value and description |
---|---|
Status Code |
|
Content-Type | application/json |
Content-Language | Locale for the response message. |
Success response
body
JSON object with the following specification:
JSON property name | Description |
---|---|
uuid | Returns the universal unique identifier of the certificate. |
subject name | Returns the certificate
subject name. The X.509 certificates
contain the subject distinguished name. The property value is from
the Subject field of the certificate. |
issuer name | Returns the distinguished name of the certificate issuer. The property value is from the Issuer field of the certificate. |
serial number | Returns the certificate serial number. |
client cert pending date | Returns the certificate pending date for acceptance or rejection. |
key state | Indicates the certificate
status, such as ACTIVE . |
creation date | Returns the certificate creation date. |
expiration date | Returns the certificate expiration date at which the certificate expires for use in secure communication. |
Cryptographic Algorithm | Represents the cryptographic algorithm of the
certificate, such as RSA , DSA , DES , 3DES ,
or AES . |
Cryptographic Length | Returns the length of the clear-text cryptographic object in bits. |
X509 output | Returns the standard X509 certificate
details. |
Error Response Body
JSON object with the following specification.
JSON property name | Description |
---|---|
code | Returns the application error code. |
message | Returns a message that describes the error. |
Examples
- Service request to list pending client certificates
GET https://localhost:<port>/SKLM/rest/v1/pendingClientCertificates Content-Type: application/json Accept : application/json Authorization : SKLMAuth userAuthId=37ea1939-1374-4db7-84cd-14e399be2d20 Accept-Language : en