Retrieve security certificates

security certificate show

Parameters

Name	Type	In	Required	Description
authority_key_identifier	string	query	False	Filter by authority_key_identifier Introduced in: 9.8
ca	string	query	False	Filter by ca maxLength: 256 minLength: 1
svm.uuid	string	query	False	Filter by svm.uuid
svm.name	string	query	False	Filter by svm.name
public_certificate	string	query	False	Filter by public_certificate Introduced in: 9.8
common_name	string	query	False	Filter by common_name
uuid	string	query	False	Filter by uuid Introduced in: 9.8
key_size	integer	query	False	Filter by key_size
serial_number	string	query	False	Filter by serial_number maxLength: 40 minLength: 1
expiry_time	string	query	False	Filter by expiry_time
type	string	query	False	Filter by type
name	string	query	False	Filter by name Introduced in: 9.8
scope	string	query	False	Filter by scope
subject_key_identifier	string	query	False	Filter by subject_key_identifier Introduced in: 9.8
hash_function	string	query	False	Filter by hash_function
fields	array[string]	query	False	Specify the fields to return.
max_records	integer	query	False	Limit the number of records returned.
return_timeout	integer	query	False	The number of seconds to allow the call to execute before returning. When iterating over a collection, the default is 15 seconds. ONTAP returns earlier if either max records or the end of the collection is reached. Default value: 1 Max value: 120 Min value: 0
return_records	boolean	query	False	The default is true for GET calls. When set to false, only the number of records is returned. Default value: 1
order_by	array[string]	query	False	Order results by specified fields and optional [asc

Name

Type

In

Required

Description

authority_key_identifier

string

query

False

Filter by authority_key_identifier

Introduced in: 9.8

ca

string

query

False

Filter by ca

maxLength: 256
minLength: 1

svm.uuid

string

query

False

Filter by svm.uuid

svm.name

string

query

False

Filter by svm.name

public_certificate

string

query

False

Filter by public_certificate

Introduced in: 9.8

common_name

string

query

False

Filter by common_name

uuid

string

query

False

Filter by uuid

Introduced in: 9.8

key_size

integer

query

False

Filter by key_size

serial_number

string

query

False

Filter by serial_number

maxLength: 40
minLength: 1

expiry_time

string

query

False

Filter by expiry_time

type

string

query

False

Filter by type

name

string

query

False

Filter by name

Introduced in: 9.8

scope

string

query

False

Filter by scope

subject_key_identifier

string

query

False

Filter by subject_key_identifier

Introduced in: 9.8

hash_function

string

query

False

Filter by hash_function

fields

array[string]

query

False

Specify the fields to return.

max_records

integer

query

False

Limit the number of records returned.

return_timeout

integer

query

False

The number of seconds to allow the call to execute before returning. When iterating over a collection, the default is 15 seconds. ONTAP returns earlier if either max records or the end of the collection is reached.

Default value: 1
Max value: 120
Min value: 0

return_records

boolean

query

False

The default is true for GET calls. When set to false, only the number of records is returned.

Default value: 1

order_by

array[string]

query

False

Order results by specified fields and optional [asc

Response

Status: 200, Ok

Name	Type	Description
_links	_links
num_records	integer	Number of records
records	array[security_certificate]

Name

Type

Description

_links

num_records

integer

Number of records

records

array[security_certificate]

Example response

{
  "_links": {
    "next": {
      "href": "/api/resourcelink"
    },
    "self": {
      "href": "/api/resourcelink"
    }
  },
  "num_records": 1,
  "records": [
    {
      "_links": {
        "self": {
          "href": "/api/resourcelink"
        }
      },
      "authority_key_identifier": "26:1F:C5:53:5B:D7:9E:E2:37:74:F4:F4:06:09:03:3D:EB:41:75:D7",
      "azure": {
        "verify_host": true
      },
      "ca": "string",
      "common_name": "test.domain.com",
      "expiry_time": "string",
      "hash_function": "string",
      "name": "string",
      "public_certificate": "-----BEGIN CERTIFICATE----- MIIBuzCCAWWgAwIBAgIIFTZBrqZwUUMwDQYJKoZIhvcNAQELBQAwHDENMAsGA1UE AxMEVEVTVDELMAkGA1UEBhMCVVMwHhcNMTgwNjA4MTgwOTAxWhcNMTkwNjA4MTgw OTAxWjAcMQ0wCwYDVQQDEwRURVNUMQswCQYDVQQGEwJVUzBcMA0GCSqGSIb3DQEB AQUAA0sAMEgCQQDaPvbqUJJFJ6NNTyK3Yb+ytSjJ9aa3yUmYTD9uMiP+6ycjxHWB e8u9z6yCHsW03ync+dnhE5c5z8wuDAY0fv15AgMBAAGjgYowgYcwDAYDVR0TBAUw AwEB/zALBgNVHQ8EBAMCAQYwHQYDVR0OBBYEFMJ7Ev/o/3+YNzYh5XNlqqjnw4zm MEsGA1UdIwREMEKAFMJ7Ev/o/3+YNzYh5XNlqqjnw4zmoSCkHjAcMQ0wCwYDVQQD EwRURVNUMQswCQYDVQQGEwJVU4IIFTZBrqZwUUMwDQYJKoZIhvcNAQELBQADQQAv DovYeyGNnknjGI+TVNX6nDbyzf7zUPqnri0KuvObEeybrbPW45sgsnT5dyeE/32U 9Yr6lklnkBtVBDTmLnrC -----END CERTIFICATE-----",
      "scope": "string",
      "serial_number": "string",
      "subject_key_identifier": "26:1F:C5:53:5B:D7:9E:E2:37:74:F4:F4:06:09:03:3D:EB:41:75:D8",
      "svm": {
        "_links": {
          "self": {
            "href": "/api/resourcelink"
          }
        },
        "name": "svm1",
        "uuid": "02c9e252-41be-11e9-81d5-00a0986138f7"
      },
      "type": "string",
      "uuid": "string"
    }
  ]
}

Error

Status: Default, Error

Name	Type	Description
error	returned_error

Name

Type

Description

error

returned_error

Example error

{
  "error": {
    "arguments": [
      {
        "code": "string",
        "message": "string"
      }
    ],
    "code": "4",
    "message": "entry doesn't exist",
    "target": "uuid"
  }
}

Definitions

See Definitions

href

Name	Type	Description
href	string

Name

Type

Description

href

string

_links

Name	Type	Description
next	href
self	href

Name

Type

Description

self

href

_links

Name	Type	Description
self	href

Name

Type

Description

self

href

proxy

azure

Name	Type	Description
proxy	proxy

Name

Type

Description

proxy

svm

SVM, applies only to SVM-scoped objects.

Name	Type	Description
_links	_links
name	string	The name of the SVM. This field cannot be specified in a PATCH method.
uuid	string	The unique identifier of the SVM. This field cannot be specified in a PATCH method.

Name

Type

Description

_links

name

string

The name of the SVM. This field cannot be specified in a PATCH method.

uuid

string

The unique identifier of the SVM. This field cannot be specified in a PATCH method.

security_certificate

Name	Type	Description
_links	_links
authority_key_identifier	string	Provides the key identifier of the issuing CA certificate that signed the SSL certificate.
azure	azure
ca	string	Certificate authority
common_name	string	FQDN or custom common name. Provide on POST when creating a self-signed certificate.
expiry_time	string	Certificate expiration time. Can be provided on POST if creating self-signed certificate. The expiration time range is between 1 day to 10 years.
hash_function	string	Hashing function. Can be provided on POST when creating a self-signed certificate. Hash functions md5 and sha1 are not allowed on POST.
key_size	integer	Key size of requested Certificate in bits. One of 512, 1024, 1536, 2048, 3072. Can be provided on POST if creating self-signed certificate with a minimum permissible value of 2048.
name	string	Certificate name or name of the certificate to be downloaded from the Azure Key Vault (AKV). If not provided in POST, a unique name specific to the SVM is automatically generated.
public_certificate	string	Public key Certificate in PEM format. If this is not provided in POST, a self-signed certificate is created.
scope	string	Set to "svm" for interfaces owned by an SVM. Otherwise, set to "cluster".
serial_number	string	Serial number of certificate.
subject_key_identifier	string	Provides the key identifier used to identify the public key in the SSL certificate.
svm	svm	SVM, applies only to SVM-scoped objects.
type	string	Type of Certificate. The following types are supported: client - a certificate and its private key used by an SSL client in ONTAP. server - a certificate and its private key used by an SSL server in ONTAP. client_ca - a Certificate Authority certificate used by an SSL server in ONTAP to verify an SSL client certificate. server_ca - a Certificate Authority certificate used by an SSL client in ONTAP to verify an SSL server certificate. root_ca - a self-signed certificate used by ONTAP to sign other certificates by acting as a Certificate Authority. enum: ["client", "server", "client_ca", "server_ca", "root_ca"] Introduced in: 9.6 x-nullable: true
uuid	string	Unique ID that identifies a certificate.

Name

Type

Description

_links

authority_key_identifier

string

Provides the key identifier of the issuing CA certificate that signed the SSL certificate.

azure

ca

string

Certificate authority

common_name

string

FQDN or custom common name. Provide on POST when creating a self-signed certificate.

expiry_time

string

Certificate expiration time. Can be provided on POST if creating self-signed certificate. The expiration time range is between 1 day to 10 years.

hash_function

string

Hashing function. Can be provided on POST when creating a self-signed certificate. Hash functions md5 and sha1 are not allowed on POST.

key_size

integer

Key size of requested Certificate in bits. One of 512, 1024, 1536, 2048, 3072. Can be provided on POST if creating self-signed certificate with a minimum permissible value of 2048.

name

string

Certificate name or name of the certificate to be downloaded from the Azure Key Vault (AKV). If not provided in POST, a unique name specific to the SVM is automatically generated.

public_certificate

string

Public key Certificate in PEM format. If this is not provided in POST, a self-signed certificate is created.

scope

string

Set to "svm" for interfaces owned by an SVM. Otherwise, set to "cluster".

serial_number

string

Serial number of certificate.

subject_key_identifier

string

Provides the key identifier used to identify the public key in the SSL certificate.

svm

SVM, applies only to SVM-scoped objects.

type

string

Type of Certificate. The following types are supported:

client - a certificate and its private key used by an SSL client in ONTAP.
server - a certificate and its private key used by an SSL server in ONTAP.
client_ca - a Certificate Authority certificate used by an SSL server in ONTAP to verify an SSL client certificate.
server_ca - a Certificate Authority certificate used by an SSL client in ONTAP to verify an SSL server certificate.
root_ca - a self-signed certificate used by ONTAP to sign other certificates by acting as a Certificate Authority.
enum: ["client", "server", "client_ca", "server_ca", "root_ca"]
Introduced in: 9.6
x-nullable: true

uuid

string

Unique ID that identifies a certificate.

error_arguments

Name	Type	Description
code	string	Argument code
message	string	Message argument

Name

Type

Description

code

string

Argument code

message

string

Message argument

returned_error

Name	Type	Description
arguments	array[error_arguments]	Message arguments
code	string	Error code
message	string	Error message
target	string	The target parameter that caused the error.

Name

Type

Description

arguments

array[error_arguments]

Message arguments

code

string

Error code

message

string

Error message

target

string

The target parameter that caused the error.

Retrieve security certificates

Creating your file...

Related ONTAP commands

Parameters

Response

Error

Definitions