Let’s Encrypt Challenge Content¶
Overview¶
You can use the Let’s Encrypt Challenge Content API to get challenge content for a domain.
REST Endpoint: /mgmt/cm/adc-core/external-ca/lets-encrypt/challenge¶
Requests¶
POST /mgmt/cm/adc-core/external-ca/lets-encrypt/challenge¶
Using POST we can get challenge contents for a domain.
Request Parameters¶
| Name | Type | Required | Description |
|---|---|---|---|
| externalCaConfigReference | object | True | Link to the CA configuration |
| link | string | True | URL for the CA configuration. This can be the value of the selfLink returned by the CA Configuration API. |
| authLocation | string | True | Let’s Encrypt URL for authenticating the domain. |
| accountLocation | string | True | Let’s Encrypt URL for the account. |
Query Parameters¶
None
Response¶
The JSON in the POST’s response can include the following parameters.
HTTP/1.1 200 OK
| Name | Type | Required |
|---|---|---|
| externalCaConfigReference | object | Link to the CA configuration |
| link | string | URL for the CA configuration. This can be the value of the selfLink returned by the CA Configuration API. |
| authLocation | string | Let’s Encrypt URL for authenticating the domain. |
| accountLocation | string | Let’s Encrypt URL for the account. |
| domain | object | An object describing the domain. |
| domainName | string | The name of the domain |
| authenticationUrl | string | URL for authentication |
| challengeToken | string | Challenge token |
| httpChallengeContent | string | Challenge content |
| httpChallengeUrl | string | Challenge URL |
| dnsChallengeContent | string | Challenge content |
| dnsChallengeUrl | string | Challenge URL |
| tlsChallengeCertContent | string | Challenge content |
| tlsChallengeKeyContent | string | Challenge content |
| tlsChallengeUrl | string | Challenge URL |
Permissions¶
| Role | Allow |
|---|---|
| admin | Yes |
| Certificate Editor/Viewer | No |
Examples¶
POST to get challenge content¶
The following is an example of a POST to get challenge content.
POST https://<BIG-IQ>/mgmt/cm/adc-core/external-ca/lets-encrypt/challenge
The JSON in the body of the request can look similar to the following.
{
"externalCaConfigReference": {
"link": "https://localhost/mgmt/cm/adc-core/external-ca/config/5194e771-18d1-377d-8706-1d3102ebb312"
},
"authLocation": "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/3919567",
"accountLocation": "https://acme-staging-v02.api.letsencrypt.org/acme/acct/10550349"
}
Response¶
HTTP/1.1 200 OK
The JSON in the body of the request can look similar to the following.
{
"externalCaConfigReference": {
"link": "https://localhost/mgmt/cm/adc-core/external-ca/config/5194e771-18d1-377d-8706-1d3102ebb312"
},
"authLocation": "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/3919567",
"accountLocation": "https://acme-staging-v02.api.letsencrypt.org/acme/acct/10550349",
"domain": {
"domainName": "letsencrypt.example1.de",
"authenticationUrl": "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/3919567",
"challengeToken": "--- omitted from sample ---",
"httpChallengeContent": "--- omitted from sample ---",
"httpChallengeUrl": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/3919567/kPngug",
"dnsChallengeContent": "--- omitted from sample ---",
"dnsChallengeUrl": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/3919567/lCcCaA",
"tlsChallengeCertContent": "--- omitted from sample ---",
"tlsChallengeKeyContent": "--- omitted from sample ---",
"tlsChallengeUrl": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/3919567/EWNOUQ"
},
"generation": 0,
"lastUpdateMicros": 0
}