Skip to main content

Add a CA certificate to IPsec

Contributors

POST /security/ipsec/ca-certificates

Introduced In: 9.10

Add CA certificate to IPsec. The CA certificate should already be installed on the cluster prior to adding them to IPsec. The CA certificate can be installed on the cluster using the /security/certificates endpoint. The svm.uuid or svm.name should not be supplied for certificates that have a scope of cluster.

  • security ipsec ca-certificate add

Parameters

Name Type In Required Description

return_records

boolean

query

False

The default is false. If set to true, the records are returned.

  • Default value:

Request Body

Name Type Description

certificate

certificate

IPsec CA certificate UUID

scope

string

Set to "svm" for interfaces owned by an SVM. Otherwise, set to "cluster".

svm

svm

SVM, applies only to SVM-scoped objects.

Example request
{
  "certificate": {
    "_links": {
      "self": {
        "href": "/api/resourcelink"
      }
    },
    "uuid": "1cd8a442-86d1-11e0-ae1c-123478563412"
  },
  "scope": "string",
  "svm": {
    "_links": {
      "self": {
        "href": "/api/resourcelink"
      }
    },
    "name": "svm1",
    "uuid": "02c9e252-41be-11e9-81d5-00a0986138f7"
  }
}

Response

Status: 201, Created
Name Type Description

_links

_links

num_records

integer

Number of records

records

array[ipsec_ca_certificate]

Example response
{
  "_links": {
    "next": {
      "href": "/api/resourcelink"
    },
    "self": {
      "href": "/api/resourcelink"
    }
  },
  "num_records": 1,
  "records": [
    {
      "certificate": {
        "_links": {
          "self": {
            "href": "/api/resourcelink"
          }
        },
        "uuid": "1cd8a442-86d1-11e0-ae1c-123478563412"
      },
      "scope": "string",
      "svm": {
        "_links": {
          "self": {
            "href": "/api/resourcelink"
          }
        },
        "name": "svm1",
        "uuid": "02c9e252-41be-11e9-81d5-00a0986138f7"
      }
    }
  ]
}

Headers

Name Description Type

Location

Useful for tracking the resource location

string

Error

Status: Default

ONTAP Error Response Codes

Error Code Description

66257304

CA certificate is not installed.

Also see the table of common errors in the Response body overview section of this documentation.

Name Type Description

error

returned_error

Example error
{
  "error": {
    "arguments": [
      {
        "code": "string",
        "message": "string"
      }
    ],
    "code": "4",
    "message": "entry doesn't exist",
    "target": "uuid"
  }
}

Definitions

See Definitions

href

Name Type Description

href

string

Name Type Description

self

href

certificate

IPsec CA certificate UUID

Name Type Description

_links

_links

uuid

string

Certificate UUID

svm

SVM, applies only to SVM-scoped objects.

Name Type Description

_links

_links

name

string

The name of the SVM. This field cannot be specified in a PATCH method.

uuid

string

The unique identifier of the SVM. This field cannot be specified in a PATCH method.

ipsec_ca_certificate

Name Type Description

certificate

certificate

IPsec CA certificate UUID

scope

string

Set to "svm" for interfaces owned by an SVM. Otherwise, set to "cluster".

svm

svm

SVM, applies only to SVM-scoped objects.

Name Type Description

next

href

self

href

error_arguments

Name Type Description

code

string

Argument code

message

string

Message argument

returned_error

Name Type Description

arguments

array[error_arguments]

Message arguments

code

string

Error code

message

string

Error message

target

string

The target parameter that caused the error.