Export System Certificate REST Service

Use the Export System Certificate REST Service to export and download a certificate file.

Operation: GET
URL: https://host:port/GKLM/rest/v1/system/certificates/export/{alias}

By default, IBM® Guardium Key Lifecycle Manager server listens to the secure port 9443 (HTTPS) for communication. During IBM Guardium Key Lifecycle Manager installation, you can modify this default port.

Request

Request Parameters

Parameter	Description
host	Specify the IP address or hostname of the IBM Guardium Key Lifecycle Manager server.
port	Specify the port number on which the IBM Guardium Key Lifecycle Manager server listens for requests.

Request Headers

Header name	Value
Content-Type	`application/json`
Accept	`application/json`
Authorization	`SKLMAuth userAuthId=<authIdValue>`
Accept-Language	Any valid locale that is supported by IBM Guardium Key Lifecycle Manager. For example, `en` or `de`.

Query parameters

JSON property name Description

JSON property name	Description
alias	Specify the alias of the certificate that you want to export.
format	Specify the file format. Possible values: `base64` `DER` The default value is `base64`.
csr	Specify `true` if you want to export a certificate signing request (CSR) for a certificate.

alias

Specify the alias of the certificate that you want to export.

format

Specify the file format.

Possible values:

base64
DER

The default value is base64.

csr Specify true if you want to export a certificate signing request (CSR) for a certificate.

Response

Response Headers

Header name	Value and description
Status Code	200 OK The request was successful. The response body contains the requested representation. 400 Bad Request The authentication information was not provided in the correct format. 401 Unauthorized The authentication credentials were missing or incorrect. 404 Not Found Error The processing of the request fails. 500 Internal Server Error The processing of the request fails because of an unexpected condition on the server.
Content-Type	`application/json`
Content-Language	Locale for the response message.

Success response body

JSON object with the following specification:

JSON property name	Description
code	Returns the code that is specified by the status property.
status	Returns the status to indicate whether the certificate attribute update task is successful.

Error Response Body

JSON object with the following specification.

JSON property name	Description
code	Returns the application error code.
message	Returns a message that describes the error.

Examples

Service request to export a certificate

GET https://localhost:port/GKLM/rest/v1/system/certificates/export/server_cert2?format=DER'

Success response

Download file

Invalid service request where the alias is incorrect

GET https://localhost:port/GKLM/rest/v1/system/certificates?usageSubtype=SERVERGUI_TLS

Error response

{
  "code": "CTGKM0530E",
  "message": "CTGKM0530E Cannot find the certificate."
}