Jump to

• Request
• Response
• Examples

Generate a certificate signing request for a certificate-record

put

/rest/{version}/configuration/certificates/generateRequest

This API allows the client to generate a certificate signing request (CSR) in PKCS10 PEM format. The generated private key is stored in the certificate-record configuration element. The client making this request must already possess the configuration lock or the request fails. If one or more attributes or sub-elements in the request is syntactically invalid in any way, this request fails and the certificate-record configuration is left unmodified.

Request

Path Parameters

• version:
  REST API version string.
  Available values: v1.2

Query Parameters

• reGenerate(optional):
  Flag to indicate whether to regenerate CSR or not
• recordName:
  Name of the certificate-record.

Header Parameters

• Authorization:
  The value in the Authorization header must be the string "Bearer {access token}", where {access token} is a valid, unexpired token received in response to a prior /rest/{version}/auth/token request.

Back to Top

Response

200 Response

OK - Certificate signing request is returned in data section of the response body.

400 Response

The request is malformed in some way or is missing required information and therefore cannot be processed.

401 Response

Unauthorized - Request lacks valid authentication credentials.

403 Response

This request requires the client credentials to have administrator privileges.

404 Response

Certificate specified with recordName key attribute is not found

423 Response

The request requires the configuration lock and failed because the client does not currently own the lock. If another client or user currently owns the configuration lock, the error message is "Resource locked by another user". If no client or user owns the configuration lock, the error message is "User does not have the lock".

Back to Top

Examples

Example of Accessing the API with cURL

The following example shows how to generate a Certificate Signing Request by submitting a PUT request on the REST resource using cURL. For more information about cURL, see Use cURL.

curl -X PUT \
    --header "Accept: application/xml" \
    --header "Authorization: Bearer $TOKEN" \
    "https://${SBCIP}/rest/v1.2/configuration/certificates/generateRequest?recordName=rest-server"

Example of Accessing the API with Python

The following example shows how to generate a Certificate Signing Request by submitting a PUT request on the REST resource using Python. This example assumes you have a valid token stored in the token variable. For an example of authenticating with Python, see Authenticate.

import requests
headers = { "Accept":"application/xml", "Authorization":"Bearer " + token }
url  = "https://" + sbcip + "/rest/v1.2/configuration/certificates/generateRequest?recordName=rest-server"
resp = requests.put(url, headers=headers)

Example of the Response Headers

The following shows an example of the response headers.

HTTP/1.1 200
Server: nginx/1.14.1
Date: Mon, 14 Sep 2020 10:25:14 GMT
Content-Type: application/xml
Transfer-Encoding: chunked
Connection: keep-alive

Example of the Response Body

The following example shows the contents of the response body in XML format.

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<response>
  <data>
    <CertificateRequest>
      <recordName>rest-server</recordName>
      <certificateSignedRequest>-----BEGIN CERTIFICATE REQUEST-----
MIIC1jCCAb4CAQAwXjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk1BMRMwEQYDVQQH
J8pdaZzWTddSXOUMHftzx6Ix04xzYtp8NGuZ3GgB5FQbRMG2RW7sdWcvH4uUzMVm
2XfiMqWb6MnvCnk2nwGbJahV1D0/unm3QygAY8Riqua8UXevXY3p2uli4cKqrVj7
OZNU1UiS0ylVlxahxww0YPjyfWdeNKa183KQJMkd4m7f609AfUnz97teDLFMHzDP
HauJyrq7DG5YmbmTAgMBAAGgMzAxBgkqhkiG9w0BCQ4xJDAiMAsGA1UdDwQEAwIF
ZVJlc3RTZXJ2ZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDo6k9j
EwpCdXJsaW5ndG9uMRQwEgYDVQQKEwtFbmdpbmVlcmluZzEXMBUGA1UEAxMOQWNt
Lk5mt/o9W7vUv38efGki8vHQIso6aZsfAcoagUejLSYy3HzXV8+ngfDQ8coUsE0D
kkhSK15DXufIJblCk25KWbeJiI413BDavNi+48WvDisKdszYZm/g45nKp4I/X3JJ
y/yqfrtrQauVidznodCsVbk+hbAcjg39bp1mWADZqdX4eUoiL+yBk7HHNrqrRpb8
IrT+OnjSiBhyqqmMkvRSpV5tomRK+VTwa9Xz50d9FTIZBPEe+gHTWiXHg1Dq9Rqb
MBjJVsVTyP0Whf6xZsRIaq5C/Ko0y3olTulyyigsXbYV7twBUwDw578DiGZ0uLXg
tkRO/9eGrpT7RFMc79gr6qnIZuorYI0FSi7ZDxXtl4fCuV5A1E4Au+gCM1s6Q50i
oDATBgNVHSUEDDAKBggrBgEFBQcDATANBgkqhkiG9w0BAQsFAAOCAQEA5wGtzGCR
e2vZqH1MWal54Yr4VwTLybija8AYkEiRPlm78go4YaNWrcKjTS7vSmZQgKziArom
8JWD3ValiNBIog==
-----END CERTIFICATE REQUEST-----
</certificateSignedRequest>
    </CertificateRequest>
  </data>
  <messages/>
  <links/>
</response>

Back to Top