Unassign Certificate from Partition

The Unassign Certificate from Partition operation unassigns a certificate of type "secure-boot" from the partition with the given identifier. [Added by feature secure-boot-with-certificates]

HTTP method and URI

POST /api/partitions/{partition-id}/operations/unassign-certificate

In this request, the URI variable {partition-id} is the object ID of the Partition object.

Request body contents

The request body is a JSON object with the following fields:

Field name Type Rqd/Opt Description
certificate-uri String/ URI Required The canonical URI path of the Certificate to be unassigned.

Description

This operation unassigns the specified certificate of type"secure-boot" from the corresponding partition.

If this operation changes the value of any property for which property-change notifications are due, those notifications are issued asynchronously to this operation.

A 404 (Not Found) status code is returned if the object-id in the URI {partition-id} does not designate an existing Partition object, or the API user does not have object-access permission to it. 404 (Not Found) is also returned if the object-id in the request body certificate-uri does not designate an existing Certificate object, or the API user does not have object-access permission to it.

If the API user does not have task permissions to the Assign Secure Boot Certificates action, 403 (Forbidden) status code is returned. If the partition is busy, or if the certificate is not assigned to the partition, a 409 (Conflict) status code is returned.

Authorization requirements

This operation has the following authorization requirements:
  • Object-access permission to the Partition object designated by {partition-id}
  • Action/task permission to the Assign Secure Boot Certificates task.

HTTP status and reason codes

On success, HTTP status code 204 (No Content) is returned and no response body is provided.

The following HTTP status codes are returned for the indicated errors, and the response body is a standard error response body providing the reason code indicated and associated error message.

Table 1. Unassign Certificate from Partition: HTTP status and reason codes
HTTP error status code Reason code Description
403 (Forbidden) 1 The user under which the API request was authenticated does not have the required authority to perform the requested action.
404 (Not Found) 1 The request URI does not designate an existing resource of the expected type, or designates a resource for which the API user does not have object-access permission.
2 A URI in the request body does not designate an existing resource of the expected type, or designates a resource for which the API user does not have object-access permission.
4 The object designated by the request URI does not support the requested operation.
409 (Conflict) 2 The operation cannot be performed because the object designated by the request URI is currently busy performing some other operation.
370 The operation cannot be performed because the certificate is not assigned.
503 (Service Unavailable) 1 The request could not be processed because the HMC is not currently communicating with an SE needed to perform the requested operation.

Additional standard status and reason codes can be returned, as described in Invoking API operations.

Example HTTP interaction

Figure 1. Unassign Certificate from Partition: Request
POST /api/partitions/98a99980-4a01-11ed-8d1f-fa163e2983be/operations/unassign-certificate HTTP/1.1
x-api-session: 3gto4fuax6o28str0hmubbpzkxccr6e7rs3t2dyst1qn54oafh
Content-Type: application/json
Content-Length: 77
{
   "certificate-uri":"/api/certificates/5fb1cd06-49fb-11ed-983e-fa163e61d0f1"
}
Figure 2. Unassign Certificate from Partition: Response
204
Server: Hardware management console API web server / 2.0
Cache-control: no-cache
Date: Thu, 13 Oct 2022 08:30:42 GMT

<No response body>