Skip to main content

LDAP CertificateCollection

The section is to keep the old APIs for customers who still use. After Redfish was updated to 1.8.a, there are new APIs for CertificateCollection, please refer to CertificateServiceresponse.

Request

Get LDAP CertificateCollection

GET https://{{ip}}/redfish/v1/Managers/Self/RemoteAccountService/LDAP/Certificates
GET https://{{ip}}/redfish/v1/Managers/Self/RemoteAccountService/LDAP/Certificates/Oem/Ami/ClientCertificates
Content-Type: application/json
Note
https://{{ip}}/redfish/v1/Managers/Self/RemoteAccountService/LDAP/Certificates is the collection URI for viewing root CA certificate collection required for LDAP authentication https://{{ip}}/redfish/v1/Managers/Self/RemoteAccountService/LDAP/Certificates/Oem/Ami/ClientCertificates is the collection URI for viewing client certificate collection required for LDAP authentication

Request

POST Upload LDAP Certificate

POST https://{{ip}}/redfish/v1/Managers/Self/RemoteAccountService/LDAP/Certificates
POST https://{{ip}}/redfish/v1/Managers/Self/RemoteAccountService/LDAP/Certificates/Oem/Ami/ClientCertificates
Content-Type: application/json
Note

  1. Performing POST operation to https://{{ip}}/redfish/v1/Managers/Self/RemoteAccountService/LDAP/Certificates will create/upload root CA certificate required for LDAP authentication.

  2. Performing POST operation to https://{{ip}}/redfish/v1/Managers/Self/RemoteAccountService/LDAP/Certificates/Oem/Ami/ClientCertificates will create/upload root CA certificate required for LDAP authentication. The private key required to upload into BMC will a part of the POST body in this URI.

Request body

Table 1. Lenovo OEM CertificateCollection POST Request Property

Name

Type

Description

CertificateString(M)

String

The string for the certificate signing request.
Note

  1. CertificateString must contain certificate string and private key string. Only support PKCS#1 and PKCS#8 (not encrypted) for private key string.

  2. CertificateString should reserve all end-of-line string from certificate file or from private key file, and they should be replaced as \n in request body.

  3. CertificateString should concatenate certificate string and private key string with \n, and certificate string should be in front of private key string.

CertificateType(M)

String

The link to the Certificate Resource Collection where the certificate is installed.

Note
CertificateType property only supports PEM format.
Example POST Request Body:
{
    "CertificateString":"-----BEGINCERTIFICATE-----
MIID1TCCAr2gAwIBAgIUSAJJEAGuieljqeIYlg0F43wA4aMwDQYJKoZIhvcNAQEL
BQAweTELMAkGA1UEBhMCVVMxFzAVBgNVBAgTDk5vcnRoIENhcm9saW5hMRAwDgYD
VQQHEwdSYWxlaWdoMSUwIwYDVQQKExxHZW5lcmF0ZWQgYnkgU2VydmVyIEZpcm13
YXJlMQkwBwYDVQQLEwAxDTALBgNVBAMTBExYQ0EwIBcNNzAwMTAxMDAwMDAwWhgP
MjA2OTEyMzEyMzU5NTlaMHkxCzAJBgNVBAYTAlVTMRcwFQYDVQQIEw5Ob3J0aCBD
YXJvbGluYTEQMA4GA1UEBxMHUmFsZWlnaDElMCMGA1UEChMcR2VuZXJhdGVkIGJ5
IFNlcnZlciBGaXJtd2FyZTEJMAcGA1UECxMAMQ0wCwYDVQQDEwRMWENBMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfWK7ywcwc/yjDyYdUB80L+0WrvA
N2UGkcWuQJDL7AuwZ7gpwGKyhvDicENJkvOoHBWBWgo1I6Ec1+tnDkSoAvh1Z0S5
bGNzGvlVZ+VQWR0V/SzmEKbN6Q2YkdsYurx4jZ0DYtIPMdsT99J5LXU6VROLJIn+
Zh0ypurXefZc+1Oew5gsM1qhEKgxDfflLn0Lkfxj7uxtSjVezTpFUUC2Ps3z9+/c
lEx/vo6AdLhsDRViSjzIYxnMIy2JLUkTk6LfymjoPb9AlucNf/Eaelt0XnE9dgzE
15hZcEQImurreJhsQXEQIgRB8W/+FOKfQapm2AwUIhiqLHkRvWMp6EaazQIDAQAB
o1MwUTAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBS9XeuvFwRq6jQEBSvpIueF
npbDmzAfBgNVHSMEGDAWgBS9XeuvFwRq6jQEBSvpIueFnpbDmzANBgkqhkiG9w0B
AQsFAAOCAQEAlMmKnJHR9dcUZwV+a7gaFlYFfkz2m5F+jZrkapujj3S0x94KU1su
GukAdvzQJwsDwoXFEIpIQKorfRUxYOyrRkBDJrN/pKsYfgtnNMH1JyKg3yxoOuCf
x+VrtVZTPHIlothINqoGPL9pXChaGlRbXX17KsclC33Ca1DfZALEkNBZSdfJeJP9
zbvG7E3PS1evxrlCGvcUpP60AvzHHqfgMi/8whhnSmCCvf5JlTXk2Ewp5fr7bLUd
70W+pOzLSgNK4tMsyXj/ok+obVHcGM6lqdeTMuoCt6olVp8AzsPcthnYOzQP1C50
se3jPZxN+eRXuL6R5qMsLDHd4vGx02VmOg==
-----ENDCERTIFICATE-----",
"CertificateType":"PEM",
"Oem":{
"Ami":{
"CACert":true
    }
  }
}

Response

The response status is 201 and the response body is a GET Response with the properties of the newly created Certificate.