SSL Certificates¶
Overview¶
This document describes the API to retrieve information about SSL Certificate objects.
REST Endpoint: /mgmt/cm/adc-core/working-config/sys/file/ssl-cert¶
Requests¶
GET /mgmt/cm/adc-core/working-config/sys/file/ssl-cert/<id>¶
Request Parameters¶
None
Query Parameters¶
None
Response¶
HTTP/1.1 200 OK
Name | Type | Description |
---|---|---|
bundleCertificatesCollectionReference | object | A reference to a subcollection of certificates. For a certificate bundle, this collection represents the bundled certificates. For an individual certificate, this collection is empty. |
link | string | The URI of the subcollection. |
isSubcollection | boolean | Always true. |
certificateKeyCurveName | string | If this certificate uses an elliptic curve key, this is the curve name. Possible values: prime256v1, secp384r1, secp521r1. |
certificateKeySize | number | If this certificate uses a RSA or DSA key, this is the bit size of the key. |
checksum | string | The checksum of the file data. |
createDateTime | string | Date and time that the object was created. Only used and updated by BIG-IP. |
createdBy | string | The user that created the certificate object. Only used and updated by BIG-IP. |
string | The email address from the certificate subject or subject alternative name. | |
expirationDate | number | The expiration date and time of the certificate in seconds since UNIX epoch. |
expirationDateTime | string | The expiration date and time of the certificate in ISO-8601 format. |
fileReference | object | A reference to the object representing the file data. |
fingerprint | string | The fingerprint of the public key from the certificate. |
groupingKey | string | A token that identifies related objects of different types, for internal use. |
id | string | Unique identifier for this collection item. |
isBundle | boolean | True for certificate bundles, false for individual certificates. |
issuer | string | The issuer string from the certificate. |
keyType | string | Type of the key for this certificate. |
lastUpdateDateTime | string | Date and time of the most recent update to this object. Only used and updated by BIG-IP. |
mode | number | Numeric UNIX permissions for the file. Traditionally these values are represented in octal, but this field is a JSON number with no inherent formatting. Only used and updated by BIG-IP. |
revision | number | File revision, incremented with each update. Only used and updated by BIG-IP. |
serialNumber | string | Serial number of the certificate. |
size | number | Size of the file in bytes. |
sourcePath | string | Original location from which the file was imported. Only used and updated by BIG-IP. |
subject | string | The subject string from the certificate. |
subjectAlternativeName | string | The subject alternative name from the certificate. |
systemPath | string | Optional location of the file on the BIG-IP file system. Only used and updated by BIG-IP. |
updatedBy | string | User that updated this object most recently. Only used and updated by BIG-IP. |
version | number | The version of X509 that this certificate is based on. |
Permissions¶
Role | Allow |
---|---|
Application_Editor | Yes |
Firewall_View | Yes |
Access_Policy_Editor | Yes |
ADC_Editor | Yes |
Access_Edit | Yes |
ASM_Manager | Yes |
Firewall_Deploy | Yes |
ADC_Manager | Yes |
Access_Deploy | Yes |
Firewall_Manager | Yes |
ADC_Viewer | Yes |
Security_Manager | Yes |
Service_Catalog_Viewer | Yes |
ASM_Editor | Yes |
Application_Manager | Yes |
Trust_Discovery_Import | Yes |
Application_Viewer | Yes |
Firewall_Edit | Yes |
Access_View | Yes |
ASM_Viewer | Yes |
Service_Catalog_Editor | Yes |
ASM_Deploy | Yes |
Access_Manager | Yes |
ADC_Deployer | Yes |
DELETE /mgmt/cm/adc-core/working-config/sys/file/ssl-cert/<id>¶
Request Parameters¶
None
Query Parameters¶
None
Response¶
HTTP/1.1 200 OK
Name | Type | Description |
---|---|---|
bundleCertificatesCollectionReference | object | A reference to a subcollection of certificates. For a certificate bundle, this collection represents the bundled certificates. For an individual certificate, this collection is empty. |
link | string | The URI of the subcollection. |
isSubcollection | boolean | Always true. |
certificateKeyCurveName | string | If this certificate uses an elliptic curve key, this is the curve name. Possible values: prime256v1, secp384r1, secp521r1. |
certificateKeySize | number | If this certificate uses a RSA or DSA key, this is the bit size of the key. |
checksum | string | The checksum of the file data. |
createDateTime | string | Date and time that the object was created. Only used and updated by BIG-IP. |
createdBy | string | The user that created the certificate object. Only used and updated by BIG-IP. |
string | The email address from the certificate subject or subject alternative name. | |
expirationDate | number | The expiration date and time of the certificate in seconds since UNIX epoch. |
expirationDateTime | string | The expiration date and time of the certificate in ISO-8601 format. |
fileReference | object | A reference to the object representing the file data. |
fingerprint | string | The fingerprint of the public key from the certificate. |
groupingKey | string | A token that identifies related objects of different types, for internal use. |
id | string | Unique identifier for this collection item. |
isBundle | boolean | True for certificate bundles, false for individual certificates. |
issuer | string | The issuer string from the certificate. |
keyType | string | Type of the key for this certificate. |
lastUpdateDateTime | string | Date and time of the most recent update to this object. Only used and updated by BIG-IP. |
mode | number | Numeric UNIX permissions for the file. Traditionally these values are represented in octal, but this field is a JSON number with no inherent formatting. Only used and updated by BIG-IP. |
revision | number | File revision, incremented with each update. Only used and updated by BIG-IP. |
serialNumber | string | Serial number of the certificate. |
size | number | Size of the file in bytes. |
sourcePath | string | Original location from which the file was imported. Only used and updated by BIG-IP. |
subject | string | The subject string from the certificate. |
subjectAlternativeName | string | The subject alternative name from the certificate. |
systemPath | string | Optional location of the file on the BIG-IP file system. Only used and updated by BIG-IP. |
updatedBy | string | User that updated this object most recently. Only used and updated by BIG-IP. |
version | number | The version of X509 that this certificate is based on. |
Permissions¶
Role | Allow |
---|---|
Application_Editor | No |
Firewall_View | No |
Access_Policy_Editor | No |
ADC_Editor | Yes |
Access_Edit | No |
ASM_Manager | No |
Firewall_Deploy | No |
ADC_Manager | Yes |
Access_Deploy | No |
Firewall_Manager | No |
ADC_Viewer | No |
Security_Manager | No |
Service_Catalog_Viewer | No |
ASM_Editor | No |
Application_Manager | No |
Trust_Discovery_Import | No |
Application_Viewer | No |
Firewall_Edit | No |
Access_View | No |
ASM_Viewer | No |
Service_Catalog_Editor | No |
ASM_Deploy | No |
Access_Manager | No |
ADC_Deployer | No |
Examples¶
List a SSL Certificate’s properties¶
GET /mgmt/cm/adc-core/working-config/sys/file/ssl-cert/<id>
Response¶
HTTP/1.1 200 OK
{
"bundleCertificatesCollectionReference": {
"isSubcollection": true,
"link": "https://localhost/mgmt/cm/adc-core/working-config/sys/file/ssl-cert/b344c1b2-93b4-3747-8c22-1bf758f5f5dc/bundle-certificates"
},
"certificateKeyCurveName": "none",
"certificateKeySize": 2048,
"checksum": "SHA1:1541:b2a496c4f42226372ac82879b65c0f8f9f6f01b1",
"createDateTime": "2018-05-24T19:01:29.000Z",
"createdBy": "root",
"email": "example-address@example-name.com",
"expirationDate": 1842548100,
"expirationDateTime": "2028-05-21T18:55:00.000Z",
"fileReference": {
"link": "https://localhost/mgmt/cm/adc-core/working-config/file-objects/64e4f88b-e7f7-44c2-900c-a4eadf55ea3b"
},
"fingerprint": "d51de2af1dafd8ee1922d9abc8df272c",
"generation": 3,
"groupingKey": "/Common/example.grouping-suffix-50453eb1-4c24-481f-b4eb-30ac613aace7",
"id": "b344c1b2-93b4-3747-8c22-1bf758f5f5dc",
"isBundle": false,
"issuer": "emailAddress=example-address@example-name.com,CN=example-name.com,OU=Example Unit,O=Example Organization,L=Seattle,ST=Washington,C=US",
"keyType": "rsa-public",
"kind": "cm:adc-core:working-config:sys:file:ssl-cert:adcsslcertstate",
"lastUpdateDateTime": "2018-05-24T19:01:29.000Z",
"lastUpdateMicros": 1527189476376763,
"mode": 33188,
"name": "example.crt",
"partition": "Common",
"revision": 1,
"selfLink": "https://localhost/mgmt/cm/adc-core/working-config/sys/file/ssl-cert/b344c1b2-93b4-3747-8c22-1bf758f5f5dc",
"serialNumber": "a3:6e:da:78:29:9c:62:42",
"size": 1541,
"sourcePath": "file:/root/example.crt",
"subject": "emailAddress=example-address@example-name.com,CN=example-name.com,OU=Example Unit,O=Example Organization,L=Seattle,ST=Washington,C=US",
"updatedBy": "root",
"version": 3
}
List all SSL Certificates’ properties¶
GET /mgmt/cm/adc-core/working-config/sys/file/ssl-cert
Response¶
HTTP/1.1 200 OK
{
"generation": 19,
"items": [
{
"bundleCertificatesCollectionReference": {
"isSubcollection": true,
"link": "https://localhost/mgmt/cm/adc-core/working-config/sys/file/ssl-cert/b344c1b2-93b4-3747-8c22-1bf758f5f5dc/bundle-certificates"
},
"certificateKeyCurveName": "none",
"certificateKeySize": 2048,
"checksum": "SHA1:1541:b2a496c4f42226372ac82879b65c0f8f9f6f01b1",
"createDateTime": "2018-05-24T19:01:29.000Z",
"createdBy": "root",
"email": "example-address@example-name.com",
"expirationDate": 1842548100,
"expirationDateTime": "2028-05-21T18:55:00.000Z",
"fileReference": {
"link": "https://localhost/mgmt/cm/adc-core/working-config/file-objects/64e4f88b-e7f7-44c2-900c-a4eadf55ea3b"
},
"fingerprint": "d51de2af1dafd8ee1922d9abc8df272c",
"generation": 3,
"groupingKey": "/Common/example.grouping-suffix-50453eb1-4c24-481f-b4eb-30ac613aace7",
"id": "b344c1b2-93b4-3747-8c22-1bf758f5f5dc",
"isBundle": false,
"issuer": "emailAddress=example-address@example-name.com,CN=example-name.com,OU=Example Unit,O=Example Organization,L=Seattle,ST=Washington,C=US",
"keyType": "rsa-public",
"kind": "cm:adc-core:working-config:sys:file:ssl-cert:adcsslcertstate",
"lastUpdateDateTime": "2018-05-24T19:01:29.000Z",
"lastUpdateMicros": 1527189476376763,
"mode": 33188,
"name": "example.crt",
"partition": "Common",
"revision": 1,
"selfLink": "https://localhost/mgmt/cm/adc-core/working-config/sys/file/ssl-cert/b344c1b2-93b4-3747-8c22-1bf758f5f5dc",
"serialNumber": "a3:6e:da:78:29:9c:62:42",
"size": 1541,
"sourcePath": "file:/root/example.crt",
"subject": "emailAddress=example-address@example-name.com,CN=example-name.com,OU=Example Unit,O=Example Organization,L=Seattle,ST=Washington,C=US",
"updatedBy": "root",
"version": 3
},
{
"bundleCertificatesCollectionReference": {
"isSubcollection": true,
"link": "https://localhost/mgmt/cm/adc-core/working-config/sys/file/ssl-cert/d79864ab-8a47-3bd0-a9b7-1d01722bd6fa/bundle-certificates"
},
"fingerprint": "/Common/default_fingerprint",
"generation": 1,
"groupingKey": "/Common/default.grouping-suffix-50453eb1-4c24-481f-b4eb-30ac613aace7",
"id": "d79864ab-8a47-3bd0-a9b7-1d01722bd6fa",
"isBundle": false,
"kind": "cm:adc-core:working-config:sys:file:ssl-cert:adcsslcertstate",
"lastUpdateMicros": 1527015638630127,
"name": "default.crt",
"partition": "Common",
"selfLink": "https://localhost/mgmt/cm/adc-core/working-config/sys/file/ssl-cert/d79864ab-8a47-3bd0-a9b7-1d01722bd6fa"
},
{
"bundleCertificatesCollectionReference": {
"isSubcollection": true,
"link": "https://localhost/mgmt/cm/adc-core/working-config/sys/file/ssl-cert/88c3857b-44f9-3c27-a151-a364e422a1a1/bundle-certificates"
},
"fingerprint": "/Common/ca-bundle_fingerprint",
"generation": 1,
"groupingKey": "/Common/ca-bundle.grouping-suffix-50453eb1-4c24-481f-b4eb-30ac613aace7",
"id": "88c3857b-44f9-3c27-a151-a364e422a1a1",
"isBundle": true,
"kind": "cm:adc-core:working-config:sys:file:ssl-cert:adcsslcertstate",
"lastUpdateMicros": 1527015639048392,
"name": "ca-bundle.crt",
"partition": "Common",
"selfLink": "https://localhost/mgmt/cm/adc-core/working-config/sys/file/ssl-cert/88c3857b-44f9-3c27-a151-a364e422a1a1"
}
],
"kind": "cm:adc-core:working-config:sys:file:ssl-cert:adcsslcertcollectionstate",
"lastUpdateMicros": 1527189476385446,
"selfLink": "https://localhost/mgmt/cm/adc-core/working-config/sys/file/ssl-cert"
}
Delete a SSL Certificate¶
DELETE /mgmt/cm/adc-core/working-config/sys/file/ssl-cert/<id>
Response¶
HTTP/1.1 200 OK
{
"bundleCertificatesCollectionReference": {
"isSubcollection": true,
"link": "https://localhost/mgmt/cm/adc-core/working-config/sys/file/ssl-cert/b344c1b2-93b4-3747-8c22-1bf758f5f5dc/bundle-certificates"
},
"certificateKeyCurveName": "none",
"certificateKeySize": 2048,
"checksum": "SHA1:1541:b2a496c4f42226372ac82879b65c0f8f9f6f01b1",
"createDateTime": "2018-05-24T19:01:29.000Z",
"createdBy": "root",
"email": "example-address@example-name.com",
"expirationDate": 1842548100,
"expirationDateTime": "2028-05-21T18:55:00.000Z",
"fileReference": {
"link": "https://localhost/mgmt/cm/adc-core/working-config/file-objects/64e4f88b-e7f7-44c2-900c-a4eadf55ea3b"
},
"fingerprint": "d51de2af1dafd8ee1922d9abc8df272c",
"generation": 3,
"groupingKey": "/Common/example.grouping-suffix-50453eb1-4c24-481f-b4eb-30ac613aace7",
"id": "b344c1b2-93b4-3747-8c22-1bf758f5f5dc",
"isBundle": false,
"issuer": "emailAddress=example-address@example-name.com,CN=example-name.com,OU=Example Unit,O=Example Organization,L=Seattle,ST=Washington,C=US",
"keyType": "rsa-public",
"kind": "cm:adc-core:working-config:sys:file:ssl-cert:adcsslcertstate",
"lastUpdateDateTime": "2018-05-24T19:01:29.000Z",
"lastUpdateMicros": 1527191412567716,
"mode": 33188,
"name": "example.crt",
"partition": "Common",
"revision": 1,
"selfLink": "https://localhost/mgmt/cm/adc-core/working-config/sys/file/ssl-cert/b344c1b2-93b4-3747-8c22-1bf758f5f5dc",
"serialNumber": "a3:6e:da:78:29:9c:62:42",
"size": 1541,
"sourcePath": "file:/root/example.crt",
"subject": "emailAddress=example-address@example-name.com,CN=example-name.com,OU=Example Unit,O=Example Organization,L=Seattle,ST=Washington,C=US",
"updatedBy": "root",
"version": 3
}