Add Certificate

Adds a new certificate or a chain of certificates (CAs). The certificate is used as a client certificate in the trust store, which depends on the Entity Type. The private key will be ignored if provided. Only NSX_UA_NODE, NSX_UA_CLUSTER, NSX_UA_TN, SUBSCRIBER_NODE, and NSX_UA_KAFKA_CLIENT are allowed for this method. The certificate should be stored in PEM format. Note 1: the call simply returns if users try to upload the same PEM data with the same entity type. Note 2: it accepts a request with empty PEM data, which can be used to synchronize services for a given entity type.

Request
URI
POST
https://api_host/napp/api/v1/platform/trust-management/certificates
Request Body
CertificateData of type(s) application/json
Optional
{
    "uuid": "string",
    "alias": "string",
    "pem_encoded": "string",
    "private_key": "string",
    "passphrase": "string",
    "used_by": "string",
    "details": {
        "ca_certificate_source": "string",
        "attributes": [
            {
                "subject_cn": "string",
                "issuer_cn": "string",
                "version": "string",
                "serial_number": "string",
                "signature_algorithm": "string",
                "signature": "string",
                "not_before": 0,
                "not_after": 0,
                "issuer": "string",
                "subject": "string",
                "public_key_algo": "string",
                "public_key_length": 0,
                "rsa_public_key_modulus": "string",
                "rsa_public_key_exponent": "string",
                "dsa_public_key_g": "string",
                "dsa_public_key_p": "string",
                "dsa_public_key_q": "string",
                "dsa_public_key_y": "string",
                "ecdsa_curve_name": "string",
                "ecdsa_ec_field": "string",
                "ecdsa_ec_field_f2mm": 0,
                "ecdsa_ec_field_f2mrp": "string",
                "ecdsa_ec_field_f2mks": [
                    0
                ],
                "ecdsa_ec_field_f2pp": "string",
                "ecdsa_public_key_a": "string",
                "ecdsa_public_key_b": "string",
                "ecdsa_public_key_seed": [
                    "string"
                ],
                "ecdsa_public_key_generator_x": "string",
                "ecdsa_public_key_generator_y": "string",
                "ecdsa_public_key_order": "string",
                "ecdsa_public_key_cofactor": 0,
                "is_ca": false,
                "is_valid": false
            }
        ]
    },
    "skip_sync_services": false
}
string
uuid
Optional

UUID of the certificate. Generated on the k8s platform. If given in a POST request, the API will return bad request.

string
alias
Optional

Alias of the Certificate; Unique identifier of this certificate under a Certificate Entity.

string
pem_encoded
Optional

PEM-encoded certificate data.

string
private_key
Optional

Private key data.

string
passphrase
Optional

Password for private key encryption.

used_by
Required

Type of Entity; for example a Service Type.

details
Optional

Certificate details

boolean
skip_sync_services
Optional

Skip synchronizing services after certificate change. A user such as nsx-config can change multiple certificates without synchronizing services and then synchronize services in the last call.
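
Added example (not part of the original API reference or the product's own code): a client-side builder for the request body that enforces the constraints stated above before anything is sent. It checks PEM framing and base64 only, not X.509 structure; the function names, the alias "ua-client" and the sample PEM blocks are constructed for illustration.

```python
import base64
import json
import re

# Entity types the page lists as allowed for this method.
ALLOWED_USED_BY = {"NSX_UA_NODE", "NSX_UA_CLUSTER", "NSX_UA_TN",
                   "SUBSCRIBER_NODE", "NSX_UA_KAFKA_CLIENT"}
PEM_BLOCK = re.compile(r"-----BEGIN ([A-Z0-9 ]+)-----\s*(.*?)\s*-----END \1-----", re.DOTALL)


def sample_pem(label, data):
    """Constructed sample block: valid PEM framing, not a real certificate."""
    body = base64.b64encode(data).decode()
    return f"-----BEGIN {label}-----\n{body}\n-----END {label}-----\n"


def build_add_certificate_body(alias, pem_data, used_by, skip_sync_services=False):
    """Return the JSON body for the POST request, or raise ValueError."""
    if used_by not in ALLOWED_USED_BY:
        raise ValueError(f"used_by {used_by!r} is not allowed for this method")
    certs = []
    for label, payload in PEM_BLOCK.findall(pem_data):
        if "PRIVATE KEY" in label:
            # The API ignores private keys, so never put one on the wire.
            raise ValueError("PEM data contains a private key block")
        if label != "CERTIFICATE":
            raise ValueError(f"unexpected PEM block type {label!r}")
        # validate=True rejects non-base64 characters instead of skipping them.
        base64.b64decode("".join(payload.split()), validate=True)
        certs.append(f"-----BEGIN CERTIFICATE-----\n{payload}\n-----END CERTIFICATE-----\n")
    if pem_data.strip() and not certs:
        raise ValueError("non-empty PEM data contains no CERTIFICATE block")
    # uuid is left out on purpose: supplying it in a POST returns bad request.
    # Empty pem_encoded is accepted (Note 2: synchronize services only).
    return json.dumps({
        "alias": alias,
        "pem_encoded": "".join(certs),  # rebuilt from parsed blocks only
        "used_by": used_by,
        "skip_sync_services": skip_sync_services,
    })


# Constructed inputs: a two-certificate chain, and the same chain with a key appended.
SAMPLE_CHAIN = sample_pem("CERTIFICATE", b"constructed leaf") + sample_pem("CERTIFICATE", b"constructed CA")
SAMPLE_WITH_KEY = SAMPLE_CHAIN + sample_pem("PRIVATE KEY", b"constructed key bytes")

if __name__ == "__main__":
    print(build_add_certificate_body("ua-client", SAMPLE_CHAIN, "NSX_UA_NODE"))
```
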

Authentication
This operation uses the following authentication methods.
Responses
200

OK and Certificate content

Returns CertificateData of type(s) application/json
{
    "uuid": "string",
    "alias": "string",
    "pem_encoded": "string",
    "private_key": "string",
    "passphrase": "string",
    "used_by": "string",
    "details": {
        "ca_certificate_source": "string",
        "attributes": [
            {
                "subject_cn": "string",
                "issuer_cn": "string",
                "version": "string",
                "serial_number": "string",
                "signature_algorithm": "string",
                "signature": "string",
                "not_before": 0,
                "not_after": 0,
                "issuer": "string",
                "subject": "string",
                "public_key_algo": "string",
                "public_key_length": 0,
                "rsa_public_key_modulus": "string",
                "rsa_public_key_exponent": "string",
                "dsa_public_key_g": "string",
                "dsa_public_key_p": "string",
                "dsa_public_key_q": "string",
                "dsa_public_key_y": "string",
                "ecdsa_curve_name": "string",
                "ecdsa_ec_field": "string",
                "ecdsa_ec_field_f2mm": 0,
                "ecdsa_ec_field_f2mrp": "string",
                "ecdsa_ec_field_f2mks": [
                    0
                ],
                "ecdsa_ec_field_f2pp": "string",
                "ecdsa_public_key_a": "string",
                "ecdsa_public_key_b": "string",
                "ecdsa_public_key_seed": [
                    "string"
                ],
                "ecdsa_public_key_generator_x": "string",
                "ecdsa_public_key_generator_y": "string",
                "ecdsa_public_key_order": "string",
                "ecdsa_public_key_cofactor": 0,
                "is_ca": false,
                "is_valid": false
            }
        ]
    },
    "skip_sync_services": false
}
string
uuid
Optional

UUID of the certificate. Generated on the k8s platform. If given in a POST request, the API will return bad request.

string
alias
Optional

Alias of the Certificate; Unique identifier of this certificate under a Certificate Entity.

string
pem_encoded
Optional

PEM-encoded certificate data.

string
private_key
Optional

Private key data.

string
passphrase
Optional

Password for private key encryption.

used_by
Required

Type of Entity; for example a Service Type.

details
Optional

Certificate details

boolean
skip_sync_services
Optional

Skip synchronizing services after certificate change. A user such as nsx-config can change multiple certificates without synchronizing services and then synchronize services in the last call.


400

Unknown backend error

Operation doesn't return any data structure