POST /api/v1/maintenance/certificateSigningRequest
Use this method to generate a Certificate Signing Request (CSR) using specific server-certificate settings or regenerate the CSR using the current settings. The existing CSR is overwritten with the new CSR.
Authentication
Authentication with user name and password is required.
Resource URI
POST https://{orchestrator_server_IP}/api/v1/maintenance/certificateSigningRequest
Query parameters
None
Request body
Attributes | Required / Optional | Type | Description | ||
---|---|---|---|---|---|
altNames | Optional | Array of objects | Information about the Subject Alternative Names to be included in Certificate Signing Request | ||
name | Required | String | Subject Alternative Name | ||
type | Required | String | RFC 5280 GeneralName type of this Subject Alternative Name | ||
commonName | Optional | String | Name of the certificate owner. Typically, this is the fully-qualified domain name (FQDN) or IP address of the server that is using the certificate (for example, www.domainname.com or 10.15.23.99) The length of this value cannot exceed 63 characters. The default is LXCO. | ||
country | Optional | String | Two-letter ISO 3166 code for the country or region of origin associated with the certificate organization (for example, US for the United States) To retrieve the country or region codes, use GET /api/v1/service/countryCodes. The default is US. | ||
organization | Optional | String | Organization (company) that is to own the certificate. Typically, this is the legal incorporate name of a company. It should include any suffixes, such as Ltd., Inc., or Corp (for example, ACME International Ltd.) The length of this value cannot exceed 60 characters. The default is generated by the server firmware. | ||
organizationUnit | Optional | String | Organizational unit that will own the certificate (for example, ABC Division) The length of this value cannot exceed 60 characters. The default is None. | ||
stateLocality | Optional | String | Full name of the locality (city) to be associated with the certificate (for example, San Jose) The length of the value cannot exceed 50 characters. The default is Raleigh. | ||
stateProvince | Optional | String | Full name of the state or province to be associated with the certificate (for example, California or New Brunswick) |
The following example generates the certificate signing request using the specified server certificate settings
{
"altNames": [{
"name": "bar.example.org",
"type": "DNS"
},
{
"name": "foo.example.org",
"type": "DNS"
},
{
"name": "10.241.54.111",
"type": "IP"
},
{
"name": "test@test.com",
"type": "email"
}],
"commonName": "10.241.54.169",
"country": "US",
"organization": "Lenovo",
"organizationUnit": "LXCO",
"stateLocality": "Raleigh",
"stateProvince": "North Carolina"
}
Response codes
Code | Description | Comments |
---|---|---|
200 | OK | The request completed successfully. |
400 | Bad Request | A query parameter or request attribute is missing or not valid, or the operation is not supported. A descriptive error message is returned in the response body. |
401 | Unauthorized | The user cannot be authenticated. Authentication has not been provided or has failed. A descriptive error message is returned in the response body. |
403 | Forbidden | The orchestrator server was prevented from fulfilling the request. A descriptive error message is returned in the response body. |
404 | Not found | The resource cannot be found. A descriptive error message is returned in the response body. |
408 | Request Timeout | The orchestrator server did not receive a required request in a specific amount of time. A descriptive error message is returned in the response body. |
409 | Conflict | There is a conflict with the current state of the resource. A descriptive error message is returned in the response body. |
500 | Internal Server Error | An internal error occurred. A descriptive error message is returned in the response body. |
Response header
Response body
Attributes | Type | Description | ||
---|---|---|---|---|
{message_attributes} | varies | Status messages (see Status messages) |
Give feedback