Use the GET method to view trusted certificates in the Keystore Service (KSS) keystore. If the keystore is password-protected, you must provide a Base64-encoded header value for the keystore password.
The following table summarizes the GET request parameters.
Name | Description | Type |
---|---|---|
keyAlias |
Alias for trusted certificate. | Query |
keystoreEntryType |
Type of keystore entry. Valid values include Certificate , TrustedCertificate , or CertificateChain . |
Query |
keystoreName |
Name of the keystore. | Query |
stripeName |
Name of the stripe. | Query |
Media Types: | application/json |
The response body contains information about the certificate, including:
Attribute | Description |
---|---|
"CONTENT" |
Contents of the Base64-encoded certificate. |
"Extensions" |
Optional extensions that are used to issue a certificate for a specific purpose. Each extension includes the following:
|
"ISSUER_DN" |
List of trusted distinguished names. |
"NOT_AFTER" |
Date the certificate expires. |
"NOT_BEFORE" |
Date the certificate is activated. |
"SERIAL_NO" |
Serial number of the JKS keystore. |
"SIGNATURE" |
Base64-encoded signature key. |
"SIGNING_ALGORITHM" |
Signing algorithm for the alias. |
"SUBJECT_DN" |
Subject distinguished names list. |
The following example shows how to view all certificates for an alias by submitting a GET request on the REST resource using cURL.
curl -i -X GET -u username:password -H keystorePassword:cHdkMQ== http://myhost:7001/idaas/platform/admin/v1/keystoreservice/certificates?"stripeName=myStripe&keystoreName=myKeystore&keyAlias=client&keystoreEntryType=Certificate"
The following shows an example of the response header. For more about the HTTP status codes, see "HTTP Status Codes for HTTP Methods."
HTTP/1.1 200 OK
The following shows an example of the response body in JSON format.
{ "SUBJECT_DN":"CN=y,OU=y,O=y,L=y,ST=y,C=y", "ISSUER_DN":"CN=y,OU=y,O=y,L=y,ST=y,C=y", "NOT_BEFORE":"Fri Jul 25 02:45:11 PDT 2014", "NOT_AFTER":"Thu Oct 23 02:45:11 PDT 2014", "SERIAL_NO":"982191050", "SIGNING_ALGORITHM":"1.2.840.10040.4.3", "CONTENT":"-----BEGIN CERTIFICATE----- \nMIIC7DCCAqqgAwIBAgIEOosLyjALBgcqhkjOOAQDBQAwS EKMAgGA1UEBhMBcjEKMAgGA1UECBMB\ncjEKMAgGA1UEBxMBcjEKMAgGA1UEChMBcjEKMAgGA1UECxM cjEKMAgGA1UEAxMBUjAeFw0xNDA3\nMjUwOTQ1MTFaFw0xNDEwMjMwOTQ1MTFaMEgxCjAIBgNVBAYTA IxCjAIBgNVBAgTAXIxCjAIBgNV\nBAcTAXIxCjAIBgNVBAoTAXIxCjAIBgNVBAsTAXIxCjAIBgNVBAM AVIwggG3MIIBLAYHKoZIzjgE\nATCCAR8CgYEA\/X9TgR11EilS30qcLuzk5\/YRt1I870QAwx4\/gL RJmlFXUAiUftZPY1Y+r\/F9bow\n9subVWzXgTuAHTRv8mZgt2uZUKWkn5\/oBHsQIsJPu6nX\/rfGG /g7V+fGqKYVDwT7g\/bTxR7DAjVU\nE1oWkTL2dfOuK2HXKu\/yIgMZndFIAccCFQCXYFCPFSMLzLKS YKi64QL8Fgc9QKBgQD34aCF1ps9\n3su8q1w2uFe5eZSvu\/o66oL5V0wLPQeCZ1FZV4661FlP5nEHE GAtEkWcSPoTCgWE7fPCTKMyKbh\nPBZ6i1R8jSjgo64eK7OmdZFuo38L+iE1YvH7YnoBJDvMpPG+qFG iaiD3+Fa5Z8GkotmXoB7VSVk\nAUw7\/s9JKgOBhAACgYAjhpZybXj6rlXDow8srnSFE9dZJJpCKaQV ACagQogePV+xlqPClDOoiQJ\nuvuUGHerDrThC1\/Wq5Uj1+TnkSKTy0qYxmQoq56xALa47np9TKtqt 4Vy8eUUorakG4lrjNt\/EgR\nfO675n+qINkKXKpcxaCicupRCYPkPXlnT4mtyKMhMB8wHQYDVR0OBB EFDKbmPa2Il6SylJRPTv8\nQ+4CqpEhMAsGByqGSM44BAMFAAMvADAsAhQbkmlaUG5QDR5mXUiYC74p \/FBOwIUGx5lc5Y01ppo\nvK3UgL7M8E3eOfc=\n-----END CERTIFICATE-----", "SIGNATURE":FEZN2l4SPFEK5jt2QZRb5Q==", "Extensions":"{subjectKeyIDExtension {oid = 2.5.29.14 critical = false, value = 329b98f6b6225e92ca52513d3bfc43ee02aa9121}}" }