Use Certificate Default Rollover List REST Service to
list certificate rollovers in a rollover list for a specified device
group.
- Operation
GET
- URL
- https://<host>:<port>/SKLM/rest/v1/certificates/rollover?name=<name
value>&usage<usage value>&uuid=<uuid value>
By default,
Guardium® Key Lifecycle Manager server
listens to non-secure port 9080 (HTTP) and secure port
9443
(HTTPS) for communication. During
IBM® Security Guardium Key Lifecycle Manager
installation, you can modify these default ports.
Note: The non-secure port 9080 is not applicable
when IBM Security Guardium Key Lifecycle Manager is deployed in a containerized
environment.
Request Parameters
Parameter |
Description |
host |
Specify the IP address or host name of the IBM Security Guardium Key Lifecycle Manager server. |
port |
Specify the port number on which the IBM Security Guardium Key Lifecycle Manager server listens for requests. |
Request Headers
Header name |
Value |
Content-Type |
application/json |
Accept |
application/json |
Authorization |
SKLMAuth userAuthId=<authIdValue> |
Accept-Language |
Any valid locale that is supported by IBM Security Guardium Key Lifecycle Manager. For example: en or
de |
Query parameters
JSON property name |
Description |
name |
Optional. Specify the name of the existing certificate,
which is not case-sensitive. |
usage |
Required. Specify the device group. You can
include the following values:
- 3592
- Specifies
the 3592 device group.
- userdevicegroup
- Specifies a new, user-defined instance of a supported 3592 device
family.
|
uuid |
Optional. Specify the unique universal identifier
of an existing certificate rollover. |
Response Headers
Header name |
Value and description |
Status Code |
- 200 OK
- The request was successful. The response body contains the requested representation.
- 400® Bad Request
- The authentication information was not provided in the correct format.
- 401 Unauthorized
- The authentication credentials were missing or incorrect.
- 404 Not Found Error
- The processing of the request fails.
- 500 Internal Server Error
- The processing of the request fails because of an unexpected condition on the server.
|
Content-Type |
application/json |
Content-Language |
Locale for the response message. |
Success response
body
JSON array that
contains JSON objects with the following specification:
JSON property name |
Description |
Certificate
rollover uuid |
Returns the
unique universal identifier of the
certificate rollover. |
<deviceGroup>
system default |
Returns the
system default certificate name/alias
for the device group. This response is returned if the certificate
is a system default. |
<deviceGroup>
partner default |
Returns the
partner default certificate name/alias
for the device group. This response is returned if the certificate
is a partner default. |
Effective
date |
Returns the rollover
date on which the certificate
becomes the default system or partner certificate. The value is a
current or future date in yyyy-MM-dd format. |
Error Response Body
JSON object with the following specification.
JSON property name |
Description |
code |
Returns the application error code. |
message |
Returns a message that describes the error. |
Examples
- Service request to list certificate rollover
GET https://localhost:<port>/SKLM/rest/v1/certificates/rollover?usage=3592
Content-Type: application/json
Accept: application/json
Authorization: SKLMAuth userAuthId=139aeh34567m
- Success response
Status Code: 200 OK
[{"Certificate rollover uuid":"1234","3592 system default":
"3592SysDef",
"Effective date":"2017-05-30"}]
- Service request to list certificate
rollover when an incorrect
usage is specified
GET https://localhost:<port>/SKLM/rest/v1/certificates/rollover?usage=LTT
Content-Type: application/json
Accept: application/json
Authorization: SKLMAuth userAuthId=139aeh34567m
- Error response
Status Code: 400 Bad Request
{"code":"CTGKM0830E","message":"Device group is not valid: LTT"}