Client Certificates

Invoke the issue-host-cert operation

Generate a site-specific client certificate that hosts use to identify themselves when calling home. A certificate issued using this action should be used when call-home/settings/client-certificate has been set to host-id.

Security: accessToken
Request
Request Body schema:
host-id
required
string <host-id> ^[^\s](.*[^\s])?$

An identifier for a host that is unique within the site provider network.

ID of the host calling home, used in the issued certificate as CN (common name, truncated to 64 characters) and SAN (subject alt name).

ttl
required
string <duration>

A duration in years, days, hours, minutes and seconds.

Format is [<digits>y][<digits>d][<digits>h][<digits>m][<digits>s].

Examples: 1y2d5h, 5h or 10m30s

Time the certificate should be valid, starting from the time when the certificate is issued.

Responses
200

OK

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not Found

503

Service Unavailable (strongbox sealed)

POST /v1/state/system/call-home/issue-host-cert
Request samples
host-id: telco
ttl: 30d
Response samples
b64-tar-package: MIIDUDCCAvagAwIBAgITAKYom2ar3MFwt//DipR5NywBdjAKBggqhkjOPQQDAjBa
serial: a6:28:9b:66:ab:dc:c1:70:b7:ff:c3:8a:94:79:37:2c:01:76
created: 2022-01-25T09:57:48.000000Z
expires: 2022-01-27T09:57:48.000000Z
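
Added example (not part of the product's documentation or code): a Python sketch that validates host-id and ttl against the schema above before a request is sent, shows how long host-ids collide once the CN is truncated to 64 characters, and checks that a returned created/expires window does not exceed the requested ttl. Assumptions: 1y counts as 365 days, the h unit from the examples is accepted, and the function names and the 5-minute slack are illustrative.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

HOST_ID_RE = re.compile(r"[^\s](.*[^\s])?")  # schema pattern, applied with fullmatch
TTL_RE = re.compile(r"(?:(\d+)y)?(?:(\d+)d)?(?:(\d+)h)?(?:(\d+)m)?(?:(\d+)s)?")
CN_MAX = 64  # the CN is truncated to 64 characters
TS_FMT = "%Y-%m-%dT%H:%M:%S.%fZ"  # timestamp layout of the response samples

def parse_ttl(ttl):
    """Turn '1y2d5h' into a timedelta. Assumption: 1y = 365 days."""
    m = TTL_RE.fullmatch(ttl)
    if not ttl or m is None:
        raise ValueError(f"invalid ttl: {ttl!r}")
    y, d, h, mi, s = (int(g or 0) for g in m.groups())
    return timedelta(days=365 * y + d, hours=h, minutes=mi, seconds=s)

def build_request(host_id, ttl):
    """Reject values the schema would refuse before any call is made."""
    if HOST_ID_RE.fullmatch(host_id) is None:
        raise ValueError(f"invalid host-id: {host_id!r}")
    parse_ttl(ttl)
    return {"host-id": host_id, "ttl": ttl}

def cn_collisions(host_ids):
    """Group host-ids that share the same truncated CN."""
    by_cn = defaultdict(list)
    for hid in host_ids:
        by_cn[hid[:CN_MAX]].append(hid)
    return {cn: ids for cn, ids in by_cn.items() if len(ids) > 1}

def validity_within_ttl(response, ttl, slack=timedelta(minutes=5)):
    """True if expires - created is positive and no longer than ttl (+ slack)."""
    created = datetime.strptime(response["created"], TS_FMT)
    expires = datetime.strptime(response["expires"], TS_FMT)
    return timedelta(0) < expires - created <= parse_ttl(ttl) + slack

if __name__ == "__main__":
    # Constructed host-ids: identical for the first 64 characters.
    hosts = ["rack-" + "a" * 60 + "-01", "rack-" + "a" * 60 + "-02", "telco"]
    print(build_request("telco", "30d"))
    print(cn_collisions(hosts))
    # created/expires taken from the response sample above.
    sample = {"created": "2022-01-25T09:57:48.000000Z",
              "expires": "2022-01-27T09:57:48.000000Z"}
    print(validity_within_ttl(sample, "30d"), validity_within_ttl(sample, "1d"))
```

Host-ids that collide on the truncated CN should be told apart by the SAN when the certificate is checked, on the assumption that the SAN carries the full host-id.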

Invoke the issue-site-cert operation

Generate a site-specific client certificate that hosts use to identify themselves when calling home. A certificate issued using this action should be used when call-home/settings/client-certificate has been set to site.

Security: accessToken
Request
Request Body schema:
site
required
string

Name of the site, used in the issued certificate as CN (common name) and SAN (subject alt name).

ttl
required
string <duration>

A duration in years, days, hours, minutes and seconds.

Format is [<digits>y][<digits>d][<digits>h][<digits>m][<digits>s].

Examples: 1y2d5h, 5h or 10m30s

Time the certificate should be valid, starting from the time when the certificate is issued.

Responses
200

OK

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not Found

503

Service Unavailable (strongbox sealed)

POST /v1/state/system/call-home/issue-site-cert
Request samples
site: telco
ttl: 30d
Response samples
b64-tar-package: MIIDUDCCAvagAwIBAgITAKYom2ar3MFwt//DipR5NywBdjAKBggqhkjOPQQDAjBa
serial: a6:28:9b:66:ab:dc:c1:70:b7:ff:c3:8a:94:79:37:2c:01:76
created: 2022-01-25T09:57:48.000000Z
expires: 2022-01-27T09:57:48.000000Z

Invoke the issue-system-cert operation

Generate a site-specific client certificate that hosts use to identify themselves when calling home. A certificate issued using this action should be used when call-home/settings/client-certificate has been set to certificate-only.

Security: accessToken
Request
Request Body schema:
system-name
required
string

Name used as CN (common name) and SAN (subject alt name) in the issued certificate.

ttl
required
string <duration>

A duration in years, days, hours, minutes and seconds.

Format is [<digits>y][<digits>d][<digits>h][<digits>m][<digits>s].

Examples: 1y2d5h, 5h or 10m30s

Time the certificate should be valid, starting from the time when the certificate is issued.

Responses
200

OK

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not Found

503

Service Unavailable (strongbox sealed)

POST /v1/state/system/call-home/issue-system-cert
Request samples
system-name: telco
ttl: 30d
Response samples
b64-tar-package: MIIDUDCCAvagAwIBAgITAKYom2ar3MFwt//DipR5NywBdjAKBggqhkjOPQQDAjBa
serial: a6:28:9b:66:ab:dc:c1:70:b7:ff:c3:8a:94:79:37:2c:01:76
created: 2022-01-25T09:57:48.000000Z
expires: 2022-01-27T09:57:48.000000Z