Certificate:Set Key Certificate Pair

Search (SHIFT+S)




New in this release

Set Key Certificate Pair

PUT /object-cert/keystore

Sets private key and certificate pair. The new certificate and key will be rotated into all of the nodes within 1 hour.


Required Roles

  • SYSTEM_ADMIN


Request Payload

All parameters are required unless otherwise stated.

Field Description Type Notes
<rotate_keycertchain>
<ip_addresses> Key and certificate parameter IP addresses. The IP addresses are taken into account only if system_selfsigned is set to true. i.e, User wants the system to generate a new self-signed certificate.
<ip_address> String 0-* Elements
</ip_addresses>
<system_selfsigned> Set true if the new certificate is self signed, false otherwise. Boolean Valid Values:
  •  true
  •  false
<key_and_certificate>    
<private_key> The private key used to sign the certificate in PEM format. String
<certificate_chain> New certificate for the nodes in PEM format. For certificates signed by an intermediate CA (most are), the intermediate certificate(s) should be concatenated to the text string, also in PEM format. String
</key_and_certificate>      
</rotate_keycertchain>

Response Body

New certificate chain used by Object Service.

Field Description Type Notes
<certificate_chain>
<chain> Keystore certificate chain in PEM format String
</certificate_chain>

Examples

Request
PUT https://192.168.0.0:4443/object-cert/keystore HTTP/1.1
Content-Type: application/xml
X-SDS-AUTH-TOKEN: <AUTH_TOKEN>

<rotate_keycertchain>
   <ip_addresses>
      <ip_address>x.x.x.x</ip_address>
   </ip_addresses>
   <system_selfsigned>true</system_selfsigned>
   <key_and_certificate>
      <private_key>key</private_key>
      <certificate_chain>chain</certificate_chain>
   </key_and_certificate>
</rotate_keycertchain>
Response
HTTP/1.1 200 OK
Content-Type: application/xml

<certificate_chain>
    <chain>-----BEGIN CERTIFICATE-----
MIIDCDCCAfCgAwIBAgIICyp+EVCTPAwwDQYJKoZIhvcNAQELBQAwFjEUMBIGA1UE
AxMLRGF0YVNlcnZpY2UwHhcNMTUwMjI1MDM1NzE2WhcNMjUwMjIyMDM1NzE2WjAW
MRQwEgYDVQQDEwtEYXRhU2VydmljZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
AQoCggEBAKWPajocJQR+oT4JjUTjJStWLh52lFQkUH0yOUrio4GmWAugBWOivNkb
XOfMRG5g56DuYWMToH4BRnz9bjFmYAO2/ZuutBzVgRGAtrD1Fv9WDl3ZkZeC813X
yTkCxaik+CKBr8hae8P3XH0AzpUcY+ls/msWZgiItTDACnKULNWVI9w9akKjTM9e
Y2etG5c3r/37CJokMh2pBZAnS3cJKmzWc98dqxLun74pi43kNOjz8oybjTfav0EW
NFRASngJT+sHmKasX5QD5p3x2I0layV6b0fR0WWbHcg6av8VkicjFWnuyPFlkr7j
/5F71zZ8u3VDL7KdK6WSPpsL2GxdW6UCAwEAAaNaMFgwHwYDVR0jBBgwFoAUGw2z
BFpglBs/yR4efJVndgWJltYwFgYDVR0RBA8wDYIFdmlwcjGHBAr3s+4wHQYDVR0O
BBYEFBsNswRaYJQbP8keHnyVZ3YFiZbWMA0GCSqGSIb3DQEBCwUAA4IBAQApBtos
sAdBxlXZXSOejbvRq5g5KjzxkwsrNPFCWOs/4KL7dR41GvkHRvxe6Uxc1cgWhrJH
WXPVlvkadZqSle3Dt7+8MolXQU+ScS8wKUu8wV5HdFb3FDRdROQvTQoUB9AAHUOt
8BXwRNCvFby4NubrlsoFEGN/K/96ecF7N5Nnj/9BydkjPQniLt/SfToPKUjrqXvQ
MJmuXySwKh2j39w+G1fP2IqnwhPgtsb8nZuPDIrzt+nUvNttFPiP7QRaiIaHR8ni
WRhCVyEoYvgUtU/8iIvPx0AdW1PbigVvXckg5DvyrnTjIVQ18oM4yVpc1ACEeUiJ
p9L2ulXuACkiAUJ0
-----END CERTIFICATE-----</chain>
</certificate_chain>
Notes: