Change Crypto Type
The Change Crypto Type operation reconfigures a cryptographic adapter to a different crypto type. This operation is only supported for cryptographic adapters.
HTTP method and URI
POST /api/adapters/{adapter-id}/operations/change-crypto-type
In this request, the URI variable {adapter-id} is the object ID of the target cryptographic Adapter object.
Request body contents
The request body is expected to contain a JSON object with the following fields:
Field name | Type | Rqd/Opt | Description |
---|---|---|---|
crypto-type | String Enum | Required | The value to be set as the cryptographic adapter's
crypto-type property. Values:
|
zeroize | Boolean | Optional | Specifies whether the cryptographic adapter will be zeroized when it is
reconfigured to a crypto-type of "accelerator". This field is only valid when crypto-type is "accelerator". Default: true |
Description
This operation reconfigures a cryptographic adapter to a new crypto type. For a cryptographic adapter that is becoming an accelerator, the adapter may optionally be zeroized as part of the reconfiguration process. A cryptographic adapter must be varied offline before its crypto type can be changed.
If the API user does not have action/task permission to the Adapter Details task, a 403 (Forbidden) status code is returned. A 404 (Not Found) status code is returned if the object-id {adapter-id} does not identify a crypto adapter object to which the API user has object-access permission. If the given crypto-type is not valid, a 400 (Bad Request) status code is returned. If the adapter's adapter-family is not "crypto", a 404 (Not Found) status code is returned. If the adapter is online (state is "online"), a 409 (Conflict) status code is returned. If the CPC that contains the cryptographic adapter has not been started, a 409 (Conflict) status code is returned.
If the request body fails to validate, a 400 (Bad Request) status code is returned. This may occur because the document defines a field that is not supported for the given adapter type.
If the request body contents are valid, the cryptographic adapter's crypto type is changed to the new value specified in the request body.
If this operation changes the value of any property for which property-change notifications are due, those notifications are emitted asynchronously to this operation.
Authorization requirements
- Object-access permission to the adapter whose object ID is {adapter-id}
- Action/task permission to the Adapter Details task.
HTTP status and reason codes
On success, HTTP status code 204 (No Content) is returned and no response body is provided.
The following HTTP status codes are returned for the indicated errors, and the response body is a standard error response body providing the reason code indicated and associated error message.
HTTP error status code | Reason code | Description |
---|---|---|
400 (Bad Request) | Various | Errors were detected during common request validation. See Common request validation reason codes for a list of the possible reason codes. |
7 | The crypto-type value in the request body is not valid. | |
15 | The zeroize value in the request body is not applicable with this crypto-type. | |
403 (Forbidden) | 1 | The API user does not have action/task permission to the Adapter Details task. |
404 (Not Found) | 1 | An adapter with object ID {adapter-id} does not exist on the HMC or the API user does not have object-access permission to it. |
4 | The operation does not support an adapter of the given adapter-family or the Adapter's parent CPC is not enabled for DPM. | |
409 (Conflict) | 1 | Adapter status is not valid to perform the operation (does not allow the updating of a specified adapter property). |
2 | Adapter object with ID {adapter-id} is not started. | |
421 | The CPC containing the adapter with object ID {adapter-id} is not started. | |
426 | Adapter adapter-state is "online". | |
428 | The adapter is already configured to be the requested crypto-type. | |
503 (Service Unavailable) | 1 | The request could not be processed because the HMC is not currently communicating with an SE needed to perform the requested operation. |
Additional standard status and reason codes can be returned, as described in Invoking API operations.