Skip to main content
A newer release of this product is available.

Update a primary key server

Contributors

PATCH /security/key-managers/{uuid}/key-servers/{server}

Updates a key server.

  • security key-manager external modify-server

Parameters

Name Type In Required Description

uuid

string

path

True

External key manager UUID

server

string

path

True

Key server configured in the external key manager.

Request Body

Name Type Description

_links

_links

connectivity

connectivity

This property returns the key server connectivity state on all nodes of the cluster. The state is returned for a node only if the connectivity is not in an available state on that node. This is an advanced property; there is an added cost to retrieving its value. The property is not populated for either a collection GET or an instance GET unless it is explicitly requested using the fields query parameter or GET for all advanced properties is enabled.

password

string

Password credentials for connecting with the key server. This is not audited.

records

array[records]

An array of key servers specified to add multiple key servers to a key manager in a single API call. Valid in POST only and not valid if server is provided.

server

string

External key server for key management. If no port is provided, a default port of 5696 is used. Not valid in POST if records is provided.

timeout

integer

I/O timeout in seconds for communicating with the key server.

username

string

KMIP username credentials for connecting with the key server.

Example request
{
  "_links": {
    "self": {
      "href": "/api/resourcelink"
    }
  },
  "connectivity": {
    "records": [
      {
        "node": {
          "_links": {
            "self": {
              "href": "/api/resourcelink"
            }
          },
          "name": "node1",
          "uuid": "1cd8a442-86d1-11e0-ae1c-123478563412"
        },
        "state": "not_responding"
      }
    ]
  },
  "password": "password",
  "records": [
    {
      "_links": {
        "self": {
          "href": "/api/resourcelink"
        }
      },
      "connectivity": {
        "records": [
          {
            "node": {
              "_links": {
                "self": {
                  "href": "/api/resourcelink"
                }
              },
              "name": "node1",
              "uuid": "1cd8a442-86d1-11e0-ae1c-123478563412"
            },
            "state": "not_responding"
          }
        ]
      },
      "password": "password",
      "server": "keyserver1.com:5698",
      "timeout": 60,
      "username": "username"
    }
  ],
  "server": "keyserver1.com:5698",
  "timeout": 60,
  "username": "username"
}

Response

Status: 200, Ok

Error

Status: Default

ONTAP Error Response Codes

Error Code Description

65536822

Multitenant key management is not supported in the current cluster version.

65536824

Multitenant key management is not supported in MetroCluster configurations.

65536828

External key management is not enabled for the SVM.

65536843

The key management server is not configured for the SVM.

65536845

Missing username.

65536846

Missing password.

Name Type Description

error

error

Example error
{
  "error": {
    "arguments": [
      {
        "code": "string",
        "message": "string"
      }
    ],
    "code": "4",
    "message": "entry doesn't exist",
    "target": "uuid"
  }
}

Definitions

See Definitions

href

Name Type Description

href

string

Name Type Description

self

href

node

Name Type Description

_links

_links

name

string

uuid

string

key_server_state

The state of the key server for a specific node.

Name Type Description

node

node

state

string

Key server connectivity state

connectivity

This property returns the key server connectivity state on all nodes of the cluster. The state is returned for a node only if the connectivity is not in an available state on that node. This is an advanced property; there is an added cost to retrieving its value. The property is not populated for either a collection GET or an instance GET unless it is explicitly requested using the fields query parameter or GET for all advanced properties is enabled.

Name Type Description

cluster_availability

boolean

Set to true when key server connectivity state is available on all nodes of the cluster.

records

array[key_server_state]

An array of key server connectivity states for each node.

records

Name Type Description

_links

_links

connectivity

connectivity

This property returns the key server connectivity state on all nodes of the cluster. The state is returned for a node only if the connectivity is not in an available state on that node. This is an advanced property; there is an added cost to retrieving its value. The property is not populated for either a collection GET or an instance GET unless it is explicitly requested using the fields query parameter or GET for all advanced properties is enabled.

password

string

Password credentials for connecting with the key server. This is not audited.

server

string

External key server for key management. If no port is provided, a default port of 5696 is used. Not valid in POST if records is provided.

timeout

integer

I/O timeout in seconds for communicating with the key server.

username

string

KMIP username credentials for connecting with the key server.

key_server

Name Type Description

_links

_links

connectivity

connectivity

This property returns the key server connectivity state on all nodes of the cluster. The state is returned for a node only if the connectivity is not in an available state on that node. This is an advanced property; there is an added cost to retrieving its value. The property is not populated for either a collection GET or an instance GET unless it is explicitly requested using the fields query parameter or GET for all advanced properties is enabled.

password

string

Password credentials for connecting with the key server. This is not audited.

records

array[records]

An array of key servers specified to add multiple key servers to a key manager in a single API call. Valid in POST only and not valid if server is provided.

server

string

External key server for key management. If no port is provided, a default port of 5696 is used. Not valid in POST if records is provided.

timeout

integer

I/O timeout in seconds for communicating with the key server.

username

string

KMIP username credentials for connecting with the key server.

error_arguments

Name Type Description

code

string

Argument code

message

string

Message argument

error

Name Type Description

arguments

array[error_arguments]

Message arguments

code

string

Error code

message

string

Error message

target

string

The target parameter that caused the error.