Skip to main content
REST API reference
A newer release of this product is available.

Add primary key servers to an external key manager

PDFs

POST /security/key-managers/{uuid}/key-servers

Adds key servers to a configured external key manager.

Required properties

  • uuid - UUID of the external key manager.

  • server - Key server name.

  • security key-manager external add-servers

Parameters

Name Type In Required Description

uuid

string

path

True

External key manager UUID

Request Body

Name Type Description

_links

_links

password

string

Password credentials for connecting with the key server. This is not audited.

records

array[records]

An array of key servers specified to add multiple key servers to a key manager in a single API call. Valid in POST only and not valid if server is provided.

server

string

External key server for key management. If no port is provided, a default port of 5696 is used. Not valid in POST if records is provided.
Example request 
{
  "_links": {
    "self": {
      "href": "/api/resourcelink"
    }
  },
  "password": "password",
  "records": [
    {
      "_links": {
        "self": {
          "href": "/api/resourcelink"
        }
      },
      "password": "password",
      "server": "keyserver1.com:5698"
    }
  ],
  "server": "keyserver1.com:5698"
}

Response

Status: 201, Created
Name Type Description

_links

_links

num_records

integer

Number of records

records

array[key_server]
Example response 
{
  "_links": {
    "next": {
      "href": "/api/resourcelink"
    },
    "self": {
      "href": "/api/resourcelink"
    }
  },
  "records": [
    {
      "_links": {
        "self": {
          "href": "/api/resourcelink"
        }
      },
      "password": "password",
      "records": [
        {
          "_links": {
            "self": {
              "href": "/api/resourcelink"
            }
          },
          "password": "password",
          "server": "keyserver1.com:5698"
        }
      ],
      "server": "keyserver1.com:5698"
    }
  ]
}

Error

Status: Default

ONTAP Error Response Codes

Error Code Description

65536822

Multitenant key management is not supported in the current cluster version.

65536828

External key management is not enabled for the SVM.

65536824

Multitenant key management is not supported in MetroCluster configurations.

65536038

A maximum of 4 active key servers are allowed.

65536871

Duplicate key management servers exist.

65536834

Failed to get existing key-server details for the SVM.

65536870

Key management servers already configured.

65536821

Certificate is not installed.

65536852

Failed to query supported KMIP protocol versions.

66060338

Failed to establish secure connection for a key management server due to incorrect server_ca certificates.

66060339

Failed to establish secure connection for a key management server due to incorrect client certificates.

66060340

Failed to establish secure connection for a key management server due to Cryptsoft error.

66060341

Failed to establish secure connection for a key management server due to network configuration issues.
Name Type Description

error

error
Example error 
{
  "error": {
    "arguments": [
      {
        "code": "string",
        "message": "string"
      }
    ],
    "code": "4",
    "message": "entry doesn't exist",
    "target": "uuid"
  }
}

Definitions

See Definitions

href

Name Type Description

href

string

_links

Name Type Description

self

href

records

Name Type Description

_links

_links

password

string

Password credentials for connecting with the key server. This is not audited.

server

string

External key server for key management. If no port is provided, a default port of 5696 is used. Not valid in POST if records is provided.

key_server

Name Type Description

_links

_links

password

string

Password credentials for connecting with the key server. This is not audited.

records

array[records]

An array of key servers specified to add multiple key servers to a key manager in a single API call. Valid in POST only and not valid if server is provided.

server

string

External key server for key management. If no port is provided, a default port of 5696 is used. Not valid in POST if records is provided.

_links

Name Type Description

next

href

self

href

error_arguments

Name Type Description

code

string

Argument code

message

string

Message argument

error

Name Type Description

arguments

array[error_arguments]

Message arguments

code

string

Error code

message

string

Error message

target

string

The target parameter that caused the error.