View a Trusted Certificate in the KSS Keystore

Returns a trusted certificates in the Keystore Service (KSS) keystore. If the keystore is password-protected, you must provide a Base64-encoded header value for the keystore password.

REST Request

GET /idaas/platform/admin/v1/keystoreservice/certificates

Parameters

The following table summarizes the GET request parameters.

Name	Description	Type
`keyAlias`	Alias for trusted certificate.	Query
`keystoreEntryType`	Type of keystore entry. Valid values include `Certificate`, `TrustedCertificate`, or `CertificateChain`.	Query
`keystoreName`	Name of the keystore.	Query
`stripeName`	Name of the stripe.	Query

Response Body

Media Types: application/json

The response body contains information about the certificate, including:

Attribute	Description
`"CONTENT"`	Contents of the Base64-encoded certificate.
`"Extensions"`	Optional extensions that are used to issue a certificate for a specific purpose. Each extension includes the following: Object identifier (oid) that uniquely identifies it Flag indicating whether the extension is critical Set of values
`"ISSUER_DN"`	List of trusted distinguished names.
`"NOT_AFTER"`	Date the certificate expires.
`"NOT_BEFORE"`	Date the certificate is activated.
`"SERIAL_NO"`	Serial number of the JKS keystore.
`"SIGNATURE"`	Base64-encoded signature key.
`"SIGNING_ALGORITHM"`	Signing algorithm for the alias.
`"SUBJECT_DN"`	Subject distinguished names list.

cURL Example

The following example shows how to view all certificates for an alias by submitting a GET request on the REST resource using cURL. For more information, see "cURL Access".

curl -i -X GET -u username:password -H keystorePassword:password== http://myhost:7001/idaas/platform/admin/v1/keystoreservice/certificates?"stripeName=myStripe&keystoreName=myKeystore&keyAlias=client&keystoreEntryType=Certificate"

Example of Response Header

The following shows an example of the response header. For more about the HTTP status codes, see "Status Codes."

HTTP/1.1 200 OK

Example of Response Body

The following shows an example of the response body in JSON format.

{
    "SUBJECT_DN":"CN=y,OU=y,O=y,L=y,ST=y,C=y",
    "ISSUER_DN":"CN=y,OU=y,O=y,L=y,ST=y,C=y",
    "NOT_BEFORE":"Fri Jul 25 02:45:11 PDT 2014",
    "NOT_AFTER":"Thu Oct 23 02:45:11 PDT 2014",
    "SERIAL_NO":"982191050",
    "SIGNING_ALGORITHM":"1.2.840.10040.4.3",
    "CONTENT":"-----BEGIN CERTIFICATE----- 
Base64-encoded certificate
-----END CERTIFICATE-----",
    "SIGNATURE":Base64-encoded signature key",
    "Extensions":"{subjectKeyIDExtension {oid = 2.5.29.14 critical = false, value = 329b98f6b6225e92ca52513d3bfc43ee02aa9121}}"
}