Returns a trusted certificates in the Keystore Service (KSS) keystore. If the keystore is password-protected, you must provide a Base64-encoded header value for the keystore password.
The following table summarizes the GET request parameters.
Name | Description | Type |
---|---|---|
keyAlias |
Alias for trusted certificate. | Query |
keystoreEntryType |
Type of keystore entry. Valid values include Certificate , TrustedCertificate , or CertificateChain . |
Query |
keystoreName |
Name of the keystore. | Query |
stripeName |
Name of the stripe. | Query |
Media Types: | application/json |
The response body contains information about the certificate, including:
Attribute | Description |
---|---|
"CONTENT" |
Contents of the Base64-encoded certificate. |
"Extensions" |
Optional extensions that are used to issue a certificate for a specific purpose. Each extension includes the following:
|
"ISSUER_DN" |
List of trusted distinguished names. |
"NOT_AFTER" |
Date the certificate expires. |
"NOT_BEFORE" |
Date the certificate is activated. |
"SERIAL_NO" |
Serial number of the JKS keystore. |
"SIGNATURE" |
Base64-encoded signature key. |
"SIGNING_ALGORITHM" |
Signing algorithm for the alias. |
"SUBJECT_DN" |
Subject distinguished names list. |
The following example shows how to view all certificates for an alias by submitting a GET request on the REST resource using cURL. For more information, see "cURL Access".
curl -i -X GET -u username:password -H keystorePassword:password== http://myhost:7001/idaas/platform/admin/v1/keystoreservice/certificates?"stripeName=myStripe&keystoreName=myKeystore&keyAlias=client&keystoreEntryType=Certificate"
The following shows an example of the response header. For more about the HTTP status codes, see "Status Codes."
HTTP/1.1 200 OK
The following shows an example of the response body in JSON format.
{ "SUBJECT_DN":"CN=y,OU=y,O=y,L=y,ST=y,C=y", "ISSUER_DN":"CN=y,OU=y,O=y,L=y,ST=y,C=y", "NOT_BEFORE":"Fri Jul 25 02:45:11 PDT 2014", "NOT_AFTER":"Thu Oct 23 02:45:11 PDT 2014", "SERIAL_NO":"982191050", "SIGNING_ALGORITHM":"1.2.840.10040.4.3", "CONTENT":"-----BEGIN CERTIFICATE----- Base64-encoded certificate -----END CERTIFICATE-----", "SIGNATURE":Base64-encoded signature key", "Extensions":"{subjectKeyIDExtension {oid = 2.5.29.14 critical = false, value = 329b98f6b6225e92ca52513d3bfc43ee02aa9121}}" }