Create a new certificate

10/23/2024 Contributors

PDFs

POST /accounts/{account_id}/core/v1/certificates

Indicates the desired values for the Certificate API resource to be created.

Parameters

Name	Type	In	Required	Description
account_id	string	path	True	ID of the containing account resource example: {{.Account}}

Name

Type

Required

Description

account_id

string

path

True

ID of the containing account resource

example: {{.Account}}

Request Body

Indicates the desired values for the Certificate API resource to be created.

Name	Type	Required	Description
type	string	True	Media type of the resource. Defined values are: "application/astra-certificate"
version	string	True	Version of the resource. Defined values are: "1.0" "1.1"
certUse	string	False	JSON string indicating the use of the certificate. If not specified, defaults to "rootCA". Defined values are: "rootCA" - The certificate is a certificate authority (CA) certificate used to trust any certificate signed by that CA. "intermediateCA" - The certificate is an intermediate CA certificate issued by a root CA.
cert	string	True	JSON string containing a base64 encoded PKCS-11 formatted certificate (PEM). Defined values are: Conforms to the base64 Encoded Data Schema
isSelfSigned	string	False	JSON string indicating whether the certificate is self-signed. If not provided on create, the value defaults to "false". On update: If the value is provided, that value will be used. If the value is not provided and the "cert" field is included in the update, the value will be set to "false". If the value is not provided and the "cert" field is not included in the update, the existing value will be retained. Defined values are: "true" - The certificate is self-signed. "false" - The certificate is not self-signed.
trustStateDesired	string	False	JSON string containing a value indicating whether the certificate is trusted. If not specified on create, the default value is "trusted". Defined values are: "untrusted" - The certificate is not trusted. "trusted" - The certificate is marked as trusted.
metadata	type_astra_metadata_update	False	Client and service-specified metadata associated with the resource. Defined values are: Conforms to the Astra Metadata Schema If not specified on create, a metadata object will be created with no labels. If not specified on update, the metadata object's labels, creationTimestamp and createdBy, will be preserved without modification.

Name

Type

Required

Description

type

string

True

Media type of the resource. Defined values are:

"application/astra-certificate"

version

string

True

Version of the resource. Defined values are:

"1.0"
"1.1"

certUse

string

False

JSON string indicating the use of the certificate. If not specified, defaults to "rootCA". Defined values are:

"rootCA" - The certificate is a certificate authority (CA) certificate used to trust any certificate signed by that CA.
"intermediateCA" - The certificate is an intermediate CA certificate issued by a root CA.

cert

string

True

JSON string containing a base64 encoded PKCS-11 formatted certificate (PEM). Defined values are:

Conforms to the base64 Encoded Data Schema

isSelfSigned

string

False

JSON string indicating whether the certificate is self-signed. If not provided on create, the value defaults to "false". On update:

If the value is provided, that value will be used.
If the value is not provided and the "cert" field is included in the update, the value will be set to "false".
If the value is not provided and the "cert" field is not included in the update, the existing value will be retained. Defined values are:
"true" - The certificate is self-signed.
"false" - The certificate is not self-signed.

trustStateDesired

string

False

JSON string containing a value indicating whether the certificate is trusted. If not specified on create, the default value is "trusted". Defined values are:

"untrusted" - The certificate is not trusted.
"trusted" - The certificate is marked as trusted.

metadata

type_astra_metadata_update

False

Client and service-specified metadata associated with the resource. Defined values are:

Conforms to the Astra Metadata Schema If not specified on create, a metadata object will be created with no labels. If not specified on update, the metadata object's labels, creationTimestamp and createdBy, will be preserved without modification.

Example request

{
  "type": "application/astra-certificate",
  "version": "1.1",
  "certUse": "rootCA",
  "cert": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUZyVENDQTVXZ0F3MVJHbnFGbUJSSWRyV1kwPQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0t"
}

Response

Status: 201, Returns the newly created certificate resource in the JSON response body.

Name	Type	Required	Description
type	string	True	Media type of the resource. Defined values are: "application/astra-certificate"
version	string	True	Version of the resource. Defined values are: "1.0" "1.1"
id	string	True	Globally unique identifier of the resource. Defined values are: Conforms to the UUIDv4 Schema
certUse	string	True	JSON string indicating the use of the certificate. If not specified, defaults to "rootCA". Defined values are: "rootCA" - The certificate is a certificate authority (CA) certificate used to trust any certificate signed by that CA. "intermediateCA" - The certificate is an intermediate CA certificate issued by a root CA.
cert	string	True	JSON string containing a base64 encoded PKCS-11 formatted certificate (PEM). Defined values are: Conforms to the base64 Encoded Data Schema
cn	string	True	JSON string containing a common name extracted from the certificate. Defined values are: Minimum length: 1 Maximum length: 511
expiryTimestamp	string	True	JSON string containing a timestamp indicating when the certificate expires. Defined values are: Conforms to the ISO-8601 Date Time Schema
isSelfSigned	string	True	JSON string indicating whether the certificate is self-signed. If not provided on create, the value defaults to "false". On update: If the value is provided, that value will be used. If the value is not provided and the "cert" field is included in the update, the value will be set to "false". If the value is not provided and the "cert" field is not included in the update, the existing value will be retained. Defined values are: "true" - The certificate is self-signed. "false" - The certificate is not self-signed.
trustState	string	True	JSON string containing one of a set of enumerated values indicating whether the certificate is trusted. Defined values are: "untrusted" - The certificate is not trusted. "trusted" - The certificate is marked as trusted. "expired" - The certificate is expired, so is neither trusted or not trusted.
trustStateTransitions	array[type_astra_stateTransition]	True	JSON array of JSON objects, each representing the set of permitted state transitions from a given defined state. Each JSON object contains the fields "from" and "to", where the "from" value is the name of a state, and the "to" value is an array of permitted destination states.
trustStateDesired	string	False	JSON string containing a value indicating whether the certificate is trusted. If not specified on create, the default value is "trusted". Defined values are: "untrusted" - The certificate is not trusted. "trusted" - The certificate is marked as trusted.
trustStateDetails	array[type_astra_stateDetail]	True	JSON array of JSON objects that lists additional details about the trust state of the certificate. If no details are available, this array will be empty. Minimum Items: 0
metadata	type_astra_metadata_update	True	Client and service-specified metadata associated with the resource. Defined values are: Conforms to the Astra Metadata Schema If not specified on create, a metadata object will be created with no labels. If not specified on update, the metadata object's labels, creationTimestamp and createdBy, will be preserved without modification.

Name

Type

Required

Description

type

string

True

Media type of the resource. Defined values are:

"application/astra-certificate"

version

string

True

Version of the resource. Defined values are:

"1.0"
"1.1"

string

True

Globally unique identifier of the resource. Defined values are:

Conforms to the UUIDv4 Schema

certUse

string

True

JSON string indicating the use of the certificate. If not specified, defaults to "rootCA". Defined values are:

"rootCA" - The certificate is a certificate authority (CA) certificate used to trust any certificate signed by that CA.
"intermediateCA" - The certificate is an intermediate CA certificate issued by a root CA.

cert

string

True

JSON string containing a base64 encoded PKCS-11 formatted certificate (PEM). Defined values are:

Conforms to the base64 Encoded Data Schema

string

True

JSON string containing a common name extracted from the certificate. Defined values are:

Minimum length: 1
Maximum length: 511

expiryTimestamp

string

True

JSON string containing a timestamp indicating when the certificate expires. Defined values are:

Conforms to the ISO-8601 Date Time Schema

isSelfSigned

string

True

JSON string indicating whether the certificate is self-signed. If not provided on create, the value defaults to "false". On update:

If the value is provided, that value will be used.
If the value is not provided and the "cert" field is included in the update, the value will be set to "false".
If the value is not provided and the "cert" field is not included in the update, the existing value will be retained. Defined values are:
"true" - The certificate is self-signed.
"false" - The certificate is not self-signed.

trustState

string

True

JSON string containing one of a set of enumerated values indicating whether the certificate is trusted. Defined values are:

"untrusted" - The certificate is not trusted.
"trusted" - The certificate is marked as trusted.
"expired" - The certificate is expired, so is neither trusted or not trusted.

trustStateTransitions

array[type_astra_stateTransition]

True

JSON array of JSON objects, each representing the set of permitted state transitions from a given defined state. Each JSON object contains the fields "from" and "to", where the "from" value is the name of a state, and the "to" value is an array of permitted destination states.

trustStateDesired

string

False

JSON string containing a value indicating whether the certificate is trusted. If not specified on create, the default value is "trusted". Defined values are:

"untrusted" - The certificate is not trusted.
"trusted" - The certificate is marked as trusted.

trustStateDetails

array[type_astra_stateDetail]

True

JSON array of JSON objects that lists additional details about the trust state of the certificate. If no details are available, this array will be empty.

Minimum Items: 0

metadata

type_astra_metadata_update

True

Client and service-specified metadata associated with the resource. Defined values are:

Conforms to the Astra Metadata Schema If not specified on create, a metadata object will be created with no labels. If not specified on update, the metadata object's labels, creationTimestamp and createdBy, will be preserved without modification.

Example response

{
  "type": "application/astra-certificate",
  "version": "1.1",
  "id": "a26cbed4-2183-58ce-aa19-e37ca8b0531a",
  "certUse": "rootCA",
  "cert": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUZyVENDQTVXZ0F3MVJHbnFGbUJSSWRyV1kwPQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0t",
  "cn": "vcenter.example.com",
  "isSelfSigned": "false",
  "expiryTimestamp": "2022-03-23T16:48:38.5233461Z",
  "trustState": "trusted",
  "trustStateTransitions": [
    {
      "from": "untrusted",
      "to": [
        "trusted"
      ]
    },
    {
      "from": "trusted",
      "to": [
        "untrusted"
      ]
    }
  ],
  "trustStateDesired": "trusted",
  "trustStateDetails": [],
  "metadata": {
    "labels": [],
    "creationTimestamp": "2022-10-06T20:58:16.305662Z",
    "modificationTimestamp": "2022-10-06T20:58:16.305662Z",
    "createdBy": "8f84cf09-8036-51e4-b579-bd30cb07b269"
  }
}

Response

Status: 400, Bad request

Name	Type	Required	Description
type	string	True
title	string	True
detail	string	True
status	string	True
correlationID	string	False
invalidFields	array[invalidFields]	False	List of invalid request body fields

Name

Type

Required

Description

type

string

True

title

string

True

detail

string

True

status

string

True

correlationID

string

False

invalidFields

array[invalidFields]

False

List of invalid request body fields

Example response

{
  "type": "https://astra.netapp.io/problems/7",
  "title": "Invalid JSON payload",
  "detail": "The request body is not valid JSON.",
  "status": "400"
}

Response

Status: 403, Forbidden

Name	Type	Required
type	string	True
title	string	True
detail	string	True
status	string	True
correlationID	string	False

Name

Type

Required

Description

type

string

True

title

string

True

detail

string

True

status

string

True

correlationID

string

False

Example response

{
  "type": "https://astra.netapp.io/problems/11",
  "title": "Operation not permitted",
  "detail": "The requested operation isn't permitted.",
  "status": "403"
}

Response

Status: 500, Internal server error

Name	Type	Required
type	string	True
title	string	True
detail	string	True
status	string	True
correlationID	string	False

Name

Type

Required

Description

type

string

True

title

string

True

detail

string

True

status

string

True

correlationID

string

False

Example response

{
  "type": "https://astra.netapp.io/problems/34",
  "title": "Internal server error",
  "detail": "The server was unable to process this request.",
  "status": "500"
}

Response

Status: 503, Service unavailable

Name	Type	Required
type	string	True
title	string	True
detail	string	True
status	string	True
correlationID	string	False

Name

Type

Required

Description

type

string

True

title

string

True

detail

string

True

status

string

True

correlationID

string

False

Example response

{
  "type": "https://astra.netapp.io/problems/41",
  "title": "Service not ready",
  "detail": "Currently, the service can't respond to this request.",
  "status": "503"
}

Error

Status: 401, Unauthorized

Name	Type	Required
type	string	True
title	string	True
detail	string	True
status	string	True
correlationID	string	False

Name

Type

Required

Description

type

string

True

title

string

True

detail

string

True

status

string

True

correlationID

string

False

Example error response

{
  "type": "https://astra.netapp.io/problems/3",
  "title": "Missing bearer token",
  "detail": "The request is missing the required bearer token.",
  "status": "401"
}

Definitions

See Definitions

type_astra_label

Name	Type	Required	Description
name	string	True
value	string	True

Name

Type

Required

Description

name

string

True

value

string

True

type_astra_metadata_update

Client and service-specified metadata associated with the resource. Defined values are:

Conforms to the Astra Metadata Schema If not specified on create, a metadata object will be created with no labels. If not specified on update, the metadata object's labels, creationTimestamp and createdBy, will be preserved without modification.

Name	Type	Required
labels	array[type_astra_label]	False
creationTimestamp	string	False
modificationTimestamp	string	False
createdBy	string	False
modifiedBy	string	False

Name

Type

Required

Description

labels

array[type_astra_label]

False

creationTimestamp

string

False

modificationTimestamp

string

False

createdBy

string

False

modifiedBy

string

False

type_astra_stateTransition

Name	Type	Required	Description
from	string	True
to	array[string]	True

Name

Type

Required

Description

from

string

True

array[string]

True

additionalDetails

type_astra_stateDetail

Name	Type	Required
type	string	True
title	string	True
detail	string	True
additionalDetails	additionalDetails	False

Name

Type

Required

Description

type

string

True

title

string

True

detail

string

True

additionalDetails

False

invalidFields

Name	Type	Required	Description
name	string	True	Name of the invalid request body field
reason	string	True	Reason why the request body field is invalid

Name

Type

Required

Description

name

string

True

Name of the invalid request body field

reason

string

True

Reason why the request body field is invalid

Create a new certificate

Creating your file...

Parameters

Request Body

Response

Response

Response

Response

Response

Error

Definitions