
Retrieve key managers

GET /security/key-managers/{uuid}

Retrieves key managers.

Related ONTAP commands

  • security key-manager show-keystore
  • security key-manager external show

Parameters

| Name | Type | In | Required | Description |
|---|---|---|---|---|
| uuid | string | path | True | Key manager UUID |
| fields | array[string] | query | False | Specify the fields to return. |

Response

Status: 200, Ok

| Name | Type | Description |
|---|---|---|
| _links | _links | |
| external | external | Configures external key management |
| onboard | onboard | Configures onboard key management. After configuring onboard key management, save the encrypted configuration data in a safe location so that you can use it if you need to perform a manual recovery operation. |
| scope | string | Set to "svm" for interfaces owned by an SVM. Otherwise, set to "cluster". |
| svm | svm | SVM, applies only to SVM-scoped objects. |
| uuid | string | |

Example response
{
  "_links": {
    "self": {
      "href": "/api/resourcelink"
    }
  },
  "external": {
    "client_certificate": {
      "_links": {
        "self": {
          "href": "/api/resourcelink"
        }
      },
      "uuid": "1cd8a442-86d1-11e0-ae1c-123478563412"
    },
    "server_ca_certificates": [
      {
        "_links": {
          "self": {
            "href": "/api/resourcelink"
          }
        },
        "uuid": "1cd8a442-86d1-11e0-ae1c-123478563412"
      }
    ],
    "servers": [
      {
        "_links": {
          "self": {
            "href": "/api/resourcelink"
          }
        },
        "server": "keyserver1.com:5698",
        "timeout": 60,
        "username": "username"
      }
    ]
  },
  "onboard": {
    "existing_passphrase": "The cluster password of length 32-256 ASCII characters.",
    "passphrase": "The cluster password of length 32-256 ASCII characters."
  },
  "scope": "string",
  "svm": {
    "_links": {
      "self": {
        "href": "/api/resourcelink"
      }
    },
    "name": "svm1",
    "uuid": "02c9e252-41be-11e9-81d5-00a0986138f7"
  },
  "uuid": "string"
}

Error

Status: Default, Error

| Name | Type | Description |
|---|---|---|
| error | error | |

Example error
{
  "error": {
    "arguments": [
      {
        "code": "string",
        "message": "string"
      }
    ],
    "code": "4",
    "message": "entry doesn't exist",
    "target": "uuid"
  }
}

Definitions

href

| Name | Type | Description |
|---|---|---|
| href | string | |

_links

| Name | Type | Description |
|---|---|---|
| self | href | |

client_certificate

Client certificate

| Name | Type | Description |
|---|---|---|
| _links | _links | |
| uuid | string | Certificate UUID |

server_ca_certificates

Security certificate object reference

| Name | Type | Description |
|---|---|---|
| _links | _links | |
| uuid | string | Certificate UUID |

key_server_readcreate

| Name | Type | Description |
|---|---|---|
| _links | _links | |
| server | string | External key server for key management. If no port is provided, a default port of 5696 is used. |
| timeout | integer | I/O timeout in seconds for communicating with the key server. |
| username | string | Username credentials for connecting with the key server. |

external

Configures external key management

| Name | Type | Description |
|---|---|---|
| client_certificate | client_certificate | Client certificate |
| server_ca_certificates | array[server_ca_certificates] | The UUIDs of the server CA certificates already installed in the cluster or SVM. The array of certificates is common to all the key servers per SVM. |
| servers | array[key_server_readcreate] | The set of external key servers. |

onboard

Configures onboard key management. After configuring onboard key management, save the encrypted configuration data in a safe location so that you can use it if you need to perform a manual recovery operation.

| Name | Type | Description |
|---|---|---|
| enabled | boolean | Is the onboard key manager enabled? |
| existing_passphrase | string | The cluster-wide passphrase. This is not audited. |
| passphrase | string | The cluster-wide passphrase. This is not audited. |

svm

SVM, applies only to SVM-scoped objects.

| Name | Type | Description |
|---|---|---|
| _links | _links | |
| name | string | The name of the SVM. |
| uuid | string | The unique identifier of the SVM. |

error_arguments

| Name | Type | Description |
|---|---|---|
| code | string | Argument code |
| message | string | Message argument |

error

| Name | Type | Description |
|---|---|---|
| arguments | array[error_arguments] | Message arguments |
| code | string | Error code |
| message | string | Error message |
| target | string | The target parameter that caused the error. |
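
The following is an added example, not part of the vendor documentation: it condenses a body returned by GET /security/key-managers/{uuid} (success or error) into an inventory record, applies the default port of 5696 described for the `server` field, and masks the onboard passphrase fields named in the schema before a document is logged. The function names, the sample bodies and the handling of IPv6 literals are assumptions made for illustration.

```python
import copy

DEFAULT_PORT = 5696  # page: used when "server" carries no port
SECRET_FIELDS = ("existing_passphrase", "passphrase")  # fields of the onboard object

# Constructed sample bodies (not captured from a real cluster).
SAMPLE = {
    "uuid": "00000000-0000-0000-0000-000000000001", "scope": "svm",
    "svm": {"name": "svm1", "uuid": "02c9e252-41be-11e9-81d5-00a0986138f7"},
    "external": {
        "server_ca_certificates": [{"uuid": "1cd8a442-86d1-11e0-ae1c-123478563412"}],
        "servers": [{"server": "keyserver1.com:5698", "timeout": 60},
                    {"server": "keyserver2.example", "timeout": 25}],
    },
}
SAMPLE_ERROR = {"error": {"code": "4", "message": "entry doesn't exist", "target": "uuid"}}


def split_server(value):
    """Return (host, port); the default port applies when none is given."""
    # Assumption: an IPv6 literal can only carry a port in bracketed form.
    bare_ipv6 = value.count(":") > 1 and not value.startswith("[")
    host, sep, port = value.rpartition(":")
    if sep and port.isdigit() and not bare_ipv6:
        return host, int(port)
    return value, DEFAULT_PORT


def summarize(doc):
    """Condense a response body (success or error) into an inventory record."""
    if "error" in doc:
        return {"ok": False, **{k: doc["error"].get(k) for k in ("code", "message", "target")}}
    ext = doc.get("external") or {}
    return {
        "ok": True,
        "uuid": doc.get("uuid"),
        "scope": doc.get("scope"),
        "svm": (doc.get("svm") or {}).get("name"),
        "kind": "external" if ext else "onboard" if doc.get("onboard") else "unknown",
        "servers": [split_server(s["server"]) for s in ext.get("servers", [])],
        "server_ca_uuids": [c["uuid"] for c in ext.get("server_ca_certificates", [])],
    }


def redact(doc):
    """Deep copy with onboard passphrase fields masked, for logging."""
    safe = copy.deepcopy(doc)
    onboard = safe.get("onboard") or {}
    onboard.update({k: "<redacted>" for k in SECRET_FIELDS if k in onboard})
    return safe
```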