Certificate Management 2.8.0 documentation

Certificate Management 2.8.0

application/json

Manage Certificate Authorities (CAs) used for client certificate based authentication. The topic of the plugins control API is $CONTROL/certificate-management/v1.

Currently supported commands offered by the API are insertCACertificate, which can be used to extend the known Certificate Authorities (CAs). To delete an existing CA the deleteCACertificate command can be used.

Operations

PUB $CONTROL/certificate-management/v1
Accepts the following message:
Request to execute insert/delete CA certificatescontrolRequest
object
uid: controlRequestPayload
array<anyOf>
anyOf
object
insertCACertificate request

command
required
string
Command which describes the action to be executed by the plugin. Currently only inserting and deleting custom CAs is supported.

Allowed values:
"insertCACertificate"
listener_id
required
integer
>= 1uid: listener_id
Specifies the listener the CA certificate should be applied to. Available listeners can be determined using the listListeners broker control API command.

file_name
required
string
<= 255 charactersuid: file_name
Name of CA certificate file stored in the configured capath. Must follow the Linux file naming conventions.

Examples values:
"client_ca.pem"
ca_cert_pem
required
string
CA certificate in PEM format (note: only required for insertCACertificate).

Examples values:
"-----BEGIN CERTIFICATE----- MII...EyQ== -----END CERTIFICATE----- "
correlationData
string
uid: correlationData
This is an optional value to be able to identify the relation between request and response. The plugin will add the provided value in the response message.

Examples values:
"1234-request"
Additional properties are NOT allowed.
object
deleteCACertificate request

command
required
string
Command which describes the action to be executed by the plugin. Currently only inserting and deleting custom CAs is supported.

Allowed values:
"deleteCACertificate"
listener_id
required
integer
>= 1uid: listener_id
Specifies the listener the CA certificate should be applied to. Available listeners can be determined using the listListeners broker control API command.

file_name
required
string
<= 255 charactersuid: file_name
Name of CA certificate file stored in the configured capath. Must follow the Linux file naming conventions.

Examples values:
"client_ca.pem"
correlationData
string
uid: correlationData
This is an optional value to be able to identify the relation between request and response. The plugin will add the provided value in the response message.

Examples values:
"1234-request"
Additional properties are NOT allowed.
Additional properties are NOT allowed.
Examples
#1 Example - insertCACertificate request
{ "commands": [ { "command": "insertCACertificate", "listener_id": 2, "file_name": "client_ca.pem", "ca_cert_pem": "-----BEGIN CERTIFICATE-----\nMII...EyQ==\n-----END CERTIFICATE-----\n" } ] }

#2 Example - deleteCACertificate request
{ "commands": [ { "command": "deleteCACertificate", "listener_id": 2, "file_name": "client_ca.pem" } ] }
SUB $CONTROL/certificate-management/v1/response
Accepts the following message:
Response to an executed insert/delete CA certificates requestcontrolResponse
object
uid: controlResponsePayload
array<object oneOf>
object oneOf
restricted any
command
required
string
uid: command
Command which describes the action processed by the plugin. Currently only inserting and deleting custom CAs is supported.

Allowed values:
"insertCACertificate"
"deleteCACertificate"
required
object
Specified if request has been processed successfully

response
string
Allowed values:
"SUCCESS"
Additional properties are allowed.
correlationData
string
uid: correlationData
This is an optional value to be able to identify the relation between request and response. The plugin will add the provided value in the response message.

Examples values:
"1234-request"
restricted any
command
required
string
uid: command
Command which describes the action processed by the plugin. Currently only inserting and deleting custom CAs is supported.

Allowed values:
"insertCACertificate"
"deleteCACertificate"
error
required
string
Examples values:
"File already exists"
"File does not exist"
correlationData
string
uid: correlationData
This is an optional value to be able to identify the relation between request and response. The plugin will add the provided value in the response message.

Examples values:
"1234-request"
Additional properties are allowed.
Additional properties are NOT allowed.
Examples
#1 Example - successful insertCACertificate response
{ "responses": [ { "command": "insertCACertificate", "data": { "response": "SUCCESS" }, "correlationData": "1234-request" } ] }

#2 Example - successful deleteCACertificate response
{ "responses": [ { "command": "deleteCACertificate", "data": { "response": "SUCCESS" }, "correlationData": "1234-request" } ] }

#3 Example - error response
{ "responses": [ { "command": "insertCACertificate", "error": "File already exists", "correlationData": "1234-request" } ] }

Messages

#1Request to execute insert/delete CA certificatescontrolRequest
object
uid: controlRequestPayload
array<anyOf>
anyOf
object
insertCACertificate request

command
required
string
Command which describes the action to be executed by the plugin. Currently only inserting and deleting custom CAs is supported.

Allowed values:
"insertCACertificate"
listener_id
required
integer
>= 1uid: listener_id
Specifies the listener the CA certificate should be applied to. Available listeners can be determined using the listListeners broker control API command.

file_name
required
string
<= 255 charactersuid: file_name
Name of CA certificate file stored in the configured capath. Must follow the Linux file naming conventions.

Examples values:
"client_ca.pem"
ca_cert_pem
required
string
CA certificate in PEM format (note: only required for insertCACertificate).

Examples values:
"-----BEGIN CERTIFICATE----- MII...EyQ== -----END CERTIFICATE----- "
correlationData
string
uid: correlationData
This is an optional value to be able to identify the relation between request and response. The plugin will add the provided value in the response message.

Examples values:
"1234-request"
Additional properties are NOT allowed.
object
deleteCACertificate request

command
required
string
Command which describes the action to be executed by the plugin. Currently only inserting and deleting custom CAs is supported.

Allowed values:
"deleteCACertificate"
listener_id
required
integer
>= 1uid: listener_id
Specifies the listener the CA certificate should be applied to. Available listeners can be determined using the listListeners broker control API command.

file_name
required
string
<= 255 charactersuid: file_name
Name of CA certificate file stored in the configured capath. Must follow the Linux file naming conventions.

Examples values:
"client_ca.pem"
correlationData
string
uid: correlationData
This is an optional value to be able to identify the relation between request and response. The plugin will add the provided value in the response message.

Examples values:
"1234-request"
Additional properties are NOT allowed.
Additional properties are NOT allowed.
#2Response to an executed insert/delete CA certificates requestcontrolResponse
object
uid: controlResponsePayload
array<object oneOf>
object oneOf
restricted any
command
required
string
uid: command
Command which describes the action processed by the plugin. Currently only inserting and deleting custom CAs is supported.

Allowed values:
"insertCACertificate"
"deleteCACertificate"
required
object
Specified if request has been processed successfully

response
string
Allowed values:
"SUCCESS"
Additional properties are allowed.
correlationData
string
uid: correlationData
This is an optional value to be able to identify the relation between request and response. The plugin will add the provided value in the response message.

Examples values:
"1234-request"
restricted any
command
required
string
uid: command
Command which describes the action processed by the plugin. Currently only inserting and deleting custom CAs is supported.

Allowed values:
"insertCACertificate"
"deleteCACertificate"
error
required
string
Examples values:
"File already exists"
"File does not exist"
correlationData
string
uid: correlationData
This is an optional value to be able to identify the relation between request and response. The plugin will add the provided value in the response message.

Examples values:
"1234-request"
Additional properties are allowed.
Additional properties are NOT allowed.

Schemas

object
uid: controlRequestPayload
array<anyOf>
anyOf
object
insertCACertificate request

command
required
string
Command which describes the action to be executed by the plugin. Currently only inserting and deleting custom CAs is supported.

Allowed values:
"insertCACertificate"
listener_id
required
integer
>= 1uid: listener_id
Specifies the listener the CA certificate should be applied to. Available listeners can be determined using the listListeners broker control API command.

file_name
required
string
<= 255 charactersuid: file_name
Name of CA certificate file stored in the configured capath. Must follow the Linux file naming conventions.

Examples values:
"client_ca.pem"
ca_cert_pem
required
string
CA certificate in PEM format (note: only required for insertCACertificate).

Examples values:
"-----BEGIN CERTIFICATE----- MII...EyQ== -----END CERTIFICATE----- "
correlationData
string
uid: correlationData
This is an optional value to be able to identify the relation between request and response. The plugin will add the provided value in the response message.

Examples values:
"1234-request"
Additional properties are NOT allowed.
object
deleteCACertificate request

command
required
string
Command which describes the action to be executed by the plugin. Currently only inserting and deleting custom CAs is supported.

Allowed values:
"deleteCACertificate"
listener_id
required
integer
>= 1uid: listener_id
Specifies the listener the CA certificate should be applied to. Available listeners can be determined using the listListeners broker control API command.

file_name
required
string
<= 255 charactersuid: file_name
Name of CA certificate file stored in the configured capath. Must follow the Linux file naming conventions.

Examples values:
"client_ca.pem"
correlationData
string
uid: correlationData
This is an optional value to be able to identify the relation between request and response. The plugin will add the provided value in the response message.

Examples values:
"1234-request"
Additional properties are NOT allowed.
Additional properties are NOT allowed.
object
uid: controlResponsePayload
array<object oneOf>
object oneOf
restricted any
command
required
string
uid: command
Command which describes the action processed by the plugin. Currently only inserting and deleting custom CAs is supported.

Allowed values:
"insertCACertificate"
"deleteCACertificate"
required
object
Specified if request has been processed successfully

response
string
Allowed values:
"SUCCESS"
Additional properties are allowed.
correlationData
string
uid: correlationData
This is an optional value to be able to identify the relation between request and response. The plugin will add the provided value in the response message.

Examples values:
"1234-request"
restricted any
command
required
string
uid: command
Command which describes the action processed by the plugin. Currently only inserting and deleting custom CAs is supported.

Allowed values:
"insertCACertificate"
"deleteCACertificate"
error
required
string
Examples values:
"File already exists"
"File does not exist"
correlationData
string
uid: correlationData
This is an optional value to be able to identify the relation between request and response. The plugin will add the provided value in the response message.

Examples values:
"1234-request"
Additional properties are allowed.
Additional properties are NOT allowed.
command
string
uid: command
Command which describes the action processed by the plugin. Currently only inserting and deleting custom CAs is supported.

Allowed values:
"insertCACertificate"
"deleteCACertificate"
listener_id
integer
>= 1uid: listener_id
Specifies the listener the CA certificate should be applied to. Available listeners can be determined using the listListeners broker control API command.
file_name
string
<= 255 charactersuid: file_name
Name of CA certificate file stored in the configured capath. Must follow the Linux file naming conventions.

Examples values:
"client_ca.pem"
correlationData
string
uid: correlationData
This is an optional value to be able to identify the relation between request and response. The plugin will add the provided value in the response message.

Examples values:
"1234-request"

Certificate Management 2.8.0

Operations

PUB $CONTROL/certificate-management/v1

Examples

#1 Example - insertCACertificate request

#2 Example - deleteCACertificate request

SUB $CONTROL/certificate-management/v1/response

Examples

#1 Example - successful insertCACertificate response

#2 Example - successful deleteCACertificate response

#3 Example - error response

Messages

Schemas