Let’s Encrypt Domain Configuration¶
Overview¶
Use the Let’s Encrypt Domain Configuration API to create, retrieve, or delete a domain configuration when using Let’s Encrypt.
REST Endpoint: /mgmt/cm/adc-core/external-ca/config¶
Requests¶
POST /mgmt/cm/adc-core/external-ca/lets-encrypt/config¶
Send a POST request to the endpoint to save domain configurations.
Request Parameters¶
Name | Type | Required | Description |
---|---|---|---|
externalCaConfigReference | object | True | Link to the CA configuration |
link | string | True | URL for the CA configuration. This can be the value of the selfLink returned by the CA Configuration API. |
domain | object | True | List of the domains being configured |
domainName | string | True | The domain name |
Query Parameters¶
None
Response¶
The JSON in the POST’s response can include the following parameters.
HTTP/1.1 200 OK
Name | Type | Description |
---|---|---|
uuid | string | UUID of the configuration |
externalCaConfigReference | object | Link to the CA configuration |
link | string | URL for the CA configuration. This can be the value of the selfLink returned by the CA Configuration API. |
name | string | Name of the server |
domains | object | A list of objects describing each domain. |
domainName | string | The name of the domain |
authenticationUrl | string | URL for authenticationUrl |
authExpiryDate | string | Expiration date |
challengeToken | string | Challenge token |
httpChallengeContent | string | Challenge content |
httpChallengeUrl | string | Challenge URL |
dnsChallengeContent | string | Challenge content |
dnsChallengeUrl | string | Challenge URL |
tlsChallengeCertContent | string | Challenge content |
tlsChallengeKeyContent | string | Challenge content |
tlsChallengeUrl | string | Challenge URL |
accountLocation | string | URL for the account location |
accountCreatedData | string | Date and time the account was created |
selfLink | string | URL for the domain configuration |
Permissions¶
Role | Allow |
---|---|
admin | Yes |
Certificate Editor/Viewer | No |
GET /mgmt/cm/adc-core/external-ca/lets-encrypt/config¶
To retrieve information for all domain configurations, you can send a GET request to the endpoint. To retrieve information for a specific configuration, append the uuid for the configuration.
Request Parameters¶
None
Query Parameters¶
None
Response¶
HTTP/1.1 200 OK
Name | Type | Description |
---|---|---|
items | object | A list of domain configurations |
uuid | string | UUID of the configuration |
externalCaConfigReference | object | Link to the CA configuration |
link | string | URL for the CA configuration. This can be the value of the selfLink returned by the CA Configuration API. |
name | string | Name of the server |
domains | object | A list of objects describing each domain. |
domainName | string | The name of the domain |
authenticationUrl | string | URL for authenticationUrl |
authExpiryDate | string | Expiration date |
challengeToken | string | Challenge token |
httpChallengeContent | string | Challenge content |
httpChallengeUrl | string | Challenge URL |
dnsChallengeContent | string | Challenge content |
dnsChallengeUrl | string | Challenge URL |
tlsChallengeCertContent | string | Challenge content |
tlsChallengeKeyContent | string | Challenge content |
tlsChallengeUrl | string | Challenge URL |
accountLocation | string | URL for the account location |
accountCreatedData | string | Date and time the account was created |
selfLink | string | URL to this item |
selfLink | string | URL to this collection of items |
Permissions¶
Role | Allow |
---|---|
admin | Yes |
Certificate Editor/Viewer | Yes |
PATCH /mgmt/cm/adc-core/external-ca/lets-encrypt/config/{uuid}¶
Send a PATCH request to add or delete domain configurations of a CA configuration. Append the uuid of the CA configuration to the PATCH request.
Request Parameters¶
The body of the PATCH request can contain the domain configuration you want to add to the CA configuration. To delete a domain configuration you can send a PATCH with the domain information removed.
Name | Type | Required | Description |
---|---|---|---|
externalCaConfigReference | object | True | Link to the CA configuration |
link | string | True | URL for the CA configuration. This can be the value of the selfLink returned by the CA Configuration API. |
domain | object | True | A list of the domains |
domainName | string | True | A domain name |
Query Parameters¶
None
Response¶
The JSON in the POST’s response can include the following parameters.
HTTP/1.1 200 OK
Name | Type | Description |
---|---|---|
uuid | string | UUID of the configuration |
externalCaConfigReference | object | Link to the CA configuration |
link | string | URL for the CA configuration. This can be the value of the selfLink returned by the CA Configuration API. |
name | string | Name of the server |
domains | object | A list of objects describing each domain. |
domainName | string | The name of the domain |
authenticationUrl | string | URL for authenticationUrl |
authExpiryDate | string | Expiration date |
challengeToken | string | Challenge token |
httpChallengeContent | string | Challenge content |
httpChallengeUrl | string | Challenge URL |
dnsChallengeContent | string | Challenge content |
dnsChallengeUrl | string | Challenge URL |
tlsChallengeCertContent | string | Challenge content |
tlsChallengeKeyContent | string | Challenge content |
tlsChallengeUrl | string | Challenge URL |
accountLocation | string | URL for the account location |
accountCreatedData | string | Date and time the account was created |
selfLink | string | URL for this configuration |
Permissions¶
Role | Allow |
---|---|
admin | Yes |
Certificate Editor/Viewer | No |
PUT /mgmt/cm/adc-core/external-ca/lets-encrypt/config/{uuid}¶
Send a PUT request to add or delete domain configurations of a CA configuration. Append the uuid of the CA configuration to the PUT request.
Request Parameters¶
The body of the PUT request can contain the domain configuration you want to add to the CA configuration. To delete a domain configuration you can send a PUT with the domain information removed.
Name | Type | Required | Description |
---|---|---|---|
externalCaConfigReference | object | True | Link to the CA configuration |
link | string | True | URL for the CA configuration. This can be the value of the selfLink returned by the CA Configuration API. |
domain | object | True | A list of the domains |
domainName | string | True | A domain name |
Query Parameters¶
None
Response¶
The JSON in the PUT’s response can include the following parameters.
HTTP/1.1 200 OK
Name | Type | Description |
---|---|---|
uuid | string | UUID of the configuration |
externalCaConfigReference | object | Link to the CA configuration |
link | string | URL for the CA configuration. This can be the value of the selfLink returned by the CA Configuration API. |
name | string | Name of the server |
domains | object | A list of objects describing each domain. |
domainName | string | The name of the domain |
authenticationUrl | string | URL for authenticationUrl |
authExpiryDate | string | Expiration date |
challengeToken | string | Challenge token |
httpChallengeContent | string | Challenge content |
httpChallengeUrl | string | Challenge URL |
dnsChallengeContent | string | Challenge content |
dnsChallengeUrl | string | Challenge URL |
tlsChallengeCertContent | string | Challenge content |
tlsChallengeKeyContent | string | Challenge content |
tlsChallengeUrl | string | Challenge URL |
accountLocation | string | URL for the account location |
accountCreatedData | string | Date and time the account was created |
selfLink | string | URL of this configuration |
Permissions¶
Role | Allow |
---|---|
admin | Yes |
Certificate Editor/Viewer | No |
Examples¶
POST to save a new domain configuration¶
The following example saves a new Let’s Encrypt domain configuration.
POST https://<BIG-IQ>/mgmt/cm/adc-core/external-ca/lets-encrypt/config
The JSON in the body of the POST request can look similar to the following example.
{
"externalCaConfigReference": {
"link": "https://localhost/mgmt/cm/adc-core/external-ca/config/5194e771-18d1-377d-8706-1d3102ebb312"
},
"domains": [{
"domainName": "letsencrypt.example1.de"
},
{
"domainName": "letsencrypt.example2.de"
}
]
}
Response¶
The JSON in the body of the POST response can look similar to the following example.
HTTP/1.1 200 OK
{
"uuid": "a812b8da-4a11-3dca-8bd4-7f247352c49a",
"externalCaConfigReference": {
"link": "https://localhost/mgmt/cm/adc-core/external-ca/config/5194e771-18d1-377d-8706-1d3102ebb312"
},
"name": "LE_Staging_Server",
"domains": [{
"domainName": "letsencrypt.example1.de",
"authenticationUrl": "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/7139283",
"authExpiryDate": "2019-09-12T08:26:10Z",
"challengeToken": "-----omitted from sample-----",
"httpChallengeContent": "-----omitted from sample-----",
"httpChallengeUrl": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/7139283/lb5-OQ",
"dnsChallengeContent": "-----omitted from sample-----",
"dnsChallengeUrl": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/7139283/u6VmaQ",
"tlsChallengeCertContent": "-----BEGIN CERTIFICATE-----omitted from sample-----END CERTIFICATE-----",
"tlsChallengeKeyContent": "-----omitted from sample-----",
"tlsChallengeUrl": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/7139283/SjNpbA"
},
{
"domainName": "letsencrypt.example2.de",
"authenticationUrl": "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/7139174",
"authExpiryDate": "2019-09-12T08:26:10Z",
"challengeToken": "-----omitted from sample-----",
"httpChallengeContent": "-----omitted from sample-----",
"httpChallengeUrl": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/7139174/vMAd_g",
"dnsChallengeContent": "-----omitted from sample-----",
"dnsChallengeUrl": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/7139174/1GybMg",
"tlsChallengeCertContent": "-----BEGIN CERTIFICATE-----omitted from sample-----END CERTIFICATE-----",
"tlsChallengeKeyContent": "-----omitted from sample-----",
"tlsChallengeUrl": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/7139174/YesVuA"
}
],
"accountLocation": "https://acme-staging-v02.api.letsencrypt.org/acme/acct/10550349",
"accountCreatedData": "2019-08-13T09:35:28Z",
"generation": 1,
"lastUpdateMicros": 1565696148351388,
"kind": "cm:adc-core:external-ca:lets-encrypt:config:letsencryptconfigstate",
"selfLink": "https://localhost/mgmt/cm/adc-core/external-ca/lets-encrypt/config/a812b8da-4a11-3dca-8bd4-7f247352c49a"
}
GET to retrieve all domain configurations¶
You can send a GET request to retrieve all or specific domain configurations
GET https://<BIG-IQ>/mgmt/cm/adc-core/external-ca/lets-encrypt/config
Response¶
The JSON in the GET’s response can look similar to the following example.
{
"items": [{
"uuid": "a812b8da-4a11-3dca-8bd4-7f247352c49a",
"externalCaConfigReference": {
"link": "https://localhost/mgmt/cm/adc-core/external-ca/config/5194e771-18d1-377d-8706-1d3102ebb312"
},
"name": "LE_Staging_Server",
"domains": [{
"domainName": "letsencrypt.example1.de",
"authenticationUrl": "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/7139283",
"authExpiryDate": "2019-09-12T08:26:10Z",
"challengeToken": "-----omitted from sample-----",
"httpChallengeContent": "-----omitted from sample-----",
"httpChallengeUrl": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/7139283/lb5-OQ",
"dnsChallengeContent": "-----omitted from sample-----",
"dnsChallengeUrl": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/7139283/u6VmaQ",
"tlsChallengeCertContent": "-----BEGIN CERTIFICATE-----omitted from sample-----END CERTIFICATE-----",
"tlsChallengeKeyContent": "-----omitted from sample-----",
"tlsChallengeUrl": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/7139283/SjNpbA"
},
{
"domainName": "letsencrypt.example2.de",
"authenticationUrl": "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/7139174",
"authExpiryDate": "2019-09-12T08:26:10Z",
"challengeToken": "-----omitted from sample-----",
"httpChallengeContent": "-----omitted from sample-----",
"httpChallengeUrl": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/7139174/vMAd_g",
"dnsChallengeContent": "-----omitted from sample-----",
"dnsChallengeUrl": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/7139174/1GybMg",
"tlsChallengeCertContent": "-----BEGIN CERTIFICATE-----omitted from sample-----END CERTIFICATE-----",
"tlsChallengeKeyContent": "-----omitted from sample-----",
"tlsChallengeUrl": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/7139174/YesVuA"
}
],
"accountLocation": "https://acme-staging-v02.api.letsencrypt.org/acme/acct/10550349",
"accountCreatedData": "2019-08-13T09:35:28Z",
"generation": 1,
"lastUpdateMicros": 1565696148351388,
"kind": "cm:adc-core:external-ca:lets-encrypt:config:letsencryptconfigstate",
"selfLink": "https://localhost/mgmt/cm/adc-core/external-ca/lets-encrypt/config/a812b8da-4a11-3dca-8bd4-7f247352c49a"
}],
"generation": 2,
"kind": "cm:adc-core:external-ca:lets-encrypt:config:letsencryptconfigcollectionstate",
"lastUpdateMicros": 1565696150680342,
"selfLink": "https://localhost/mgmt/cm/adc-core/external-ca/lets-encrypt/config"
}
PATCH to update a domain configuration¶
To add or delete a specific domain configurations send a PATCH with the domain configurations. Specify the configuration by the value of its uuid.
PATCH https://<BIG-IQ>/mgmt/cm/adc-core/external-ca/lets-encrypt/config/{uuid}
The JSON in the body of the PATCH can look similar to the following example.
{
"externalCaConfigReference": {
"link": "https://localhost/mgmt/cm/adc-core/external-ca/config/5194e771-18d1-377d-8706-1d3102ebb312"
},
"domains": [
{
"domainName": "letsencrypt.example1.de"
},
{
"domainName": "letsencrypt.example2.de"
}
]
}
Response¶
HTTP/1.1 200 OK
{
"uuid": "a812b8da-4a11-3dca-8bd4-7f247352c49a",
"externalCaConfigReference": {
"link": "https://localhost/mgmt/cm/adc-core/external-ca/config/5194e771-18d1-377d-8706-1d3102ebb312"
},
"name": "LE_Staging_Server",
"domains": [{
"domainName": "letsencrypt.example1.de",
"authenticationUrl": "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/7139283",
"authExpiryDate": "2019-09-12T08:26:10Z",
"challengeToken": "-----omitted from sample-----",
"httpChallengeContent": "-----omitted from sample-----",
"httpChallengeUrl": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/7139283/lb5-OQ",
"dnsChallengeContent": "-----omitted from sample-----",
"dnsChallengeUrl": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/7139283/u6VmaQ",
"tlsChallengeCertContent": "-----BEGIN CERTIFICATE-----omitted from sample-----END CERTIFICATE-----",
"tlsChallengeKeyContent": "-----omitted from sample-----",
"tlsChallengeUrl": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/7139283/SjNpbA"
},
{
"domainName": "letsencrypt.example2.de",
"authenticationUrl": "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/7139174",
"authExpiryDate": "2019-09-12T08:26:10Z",
"challengeToken": "-----omitted from sample-----",
"httpChallengeContent": "-----omitted from sample-----",
"httpChallengeUrl": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/7139174/vMAd_g",
"dnsChallengeContent": "-----omitted from sample-----",
"dnsChallengeUrl": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/7139174/1GybMg",
"tlsChallengeCertContent": "-----BEGIN CERTIFICATE-----omitted from sample-----END CERTIFICATE-----",
"tlsChallengeKeyContent": "-----omitted from sample-----,
"tlsChallengeUrl": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/7139174/YesVuA"
}
],
"orderLocation": "https://acme-staging-v02.api.letsencrypt.org/acme/order/10550349/48578302",
"accountLocation": "https://acme-staging-v02.api.letsencrypt.org/acme/acct/10550349",
"accountCreatedData": "2019-08-13T09:35:28Z",
"generation": 3,
"lastUpdateMicros": 1567672048882654,
"kind": "cm:adc-core:external-ca:lets-encrypt:config:letsencryptconfigstate",
"selfLink": "https://localhost/mgmt/cm/adc-core/external-ca/lets-encrypt/config/a812b8da-4a11-3dca-8bd4-7f247352c49a"
}
PUT to update a domain configuration¶
To add a domain configurations you can send a PUT with the domain configurations. Specify the configuration by the value of its uuid.
PUT https://<BIG-IQ>/mgmt/cm/adc-core/external-ca/lets-encrypt/config/{uuid}
The JSON in the body of the PUT can look similar to the following example.
{
"externalCaConfigReference": {
"link": "https://localhost/mgmt/cm/adc-core/external-ca/config/5194e771-18d1-377d-8706-1d3102ebb312"
},
"domains": [{
"domainName": "letsencrypt.example1.de"
},
{
"domainName": "letsencrypt.example2.de"
}
]
}
Response¶
HTTP/1.1 200 OK
{
"uuid": "a812b8da-4a11-3dca-8bd4-7f247352c49a",
"externalCaConfigReference": {
"link": "https://localhost/mgmt/cm/adc-core/external-ca/config/5194e771-18d1-377d-8706-1d3102ebb312"
},
"name": "LE_Staging_Server",
"domains": [{
"domainName": "letsencrypt.example1.de",
"authenticationUrl": "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/7139283",
"authExpiryDate": "2019-09-12T08:26:10Z",
"challengeToken": "-----omitted from sample-----",
"httpChallengeContent": "-----omitted from sample-----",
"httpChallengeUrl": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/7139283/lb5-OQ",
"dnsChallengeContent": "-----omitted from sample-----",
"dnsChallengeUrl": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/7139283/u6VmaQ",
"tlsChallengeCertContent": "-----BEGIN CERTIFICATE-----omitted from sample-----END CERTIFICATE-----",
"tlsChallengeKeyContent": "-----omitted from sample-----",
"tlsChallengeUrl": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/7139283/SjNpbA"
},
{
"domainName": "letsencrypt.example2.de",
"authenticationUrl": "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/7139174",
"authExpiryDate": "2019-09-12T08:26:10Z",
"challengeToken": "-----omitted from sample-----",
"httpChallengeContent": "-----omitted from sample-----",
"httpChallengeUrl": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/7139174/vMAd_g",
"dnsChallengeContent": "-----omitted from sample-----",
"dnsChallengeUrl": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/7139174/1GybMg",
"tlsChallengeCertContent": "-----BEGIN CERTIFICATE-----omitted from sample-----END CERTIFICATE-----",
"tlsChallengeKeyContent": "-----omitted from sample-----",
"tlsChallengeUrl": "https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/7139174/YesVuA"
}
],
"orderLocation": "https://acme-staging-v02.api.letsencrypt.org/acme/order/10550349/48578302",
"accountLocation": "https://acme-staging-v02.api.letsencrypt.org/acme/acct/10550349",
"accountCreatedData": "2019-08-13T09:35:28Z",
"generation": 3,
"lastUpdateMicros": 1567672048882654,
"kind": "cm:adc-core:external-ca:lets-encrypt:config:letsencryptconfigstate",
"selfLink": "https://localhost/mgmt/cm/adc-core/external-ca/lets-encrypt/config/a812b8da-4a11-3dca-8bd4-7f247352c49a"
}