POST – Rekey
Use the POST method to generate a new key-pair for a certificate and produces a certificate signing request.
Request URL
GET https://<BMC_IPADDR>/redfish/v1/Managers/1/NetworkProtocol/HTTPS/Certificates/{id}/Actions/Certificate.Rekey
Request body
| Field | Type | Description |
|---|---|---|
| KeyCurveId | String | Required. The curve ID to use with the key, if needed based on the KeyPairAlgorithm parameter value. Allowable value is “TPM_ECC_NIST_P384”. |
| KeyPairAlgorithm | String | Required. The type of key-pair for use with signing algorithms. Allowable value is “TPM_ALG_ECDH”. |
| KeyBitLength | Integer | Optional. The length of the key, in bits, if needed based on the KeyPairAlgorithm parameter value. |
| ChallengePassword | String | Optional. The challenge password to apply to the certificate for revocation requests. |
Response body
| Field | Type | Description |
|---|---|---|
| CSRString | String | The string for the certificate signing request. |
| Certificate | Link | The link to the certificate being rekeyed. |
Status code
| HTTP Status Code | Error Message ID |
|---|---|
| 400 | BadRequest, ActionParamMissing , ActionParamTypeError , ActionParamFormatError |
| 500 | InternalError |
Example
The POST body is filled as below:
{
"KeyCurveId": "TPM_ECC_NIST_P384",
"KeyPairAlgorithm": "TPM_ALG_ECDH"
}
The following example JSON response is returned.
{
"Certificate": {
"@odata.id": "/redfish/v1/Managers/1/NetworkProtocol/HTTPS/Certificates/1"
},
"CSRString": "-----BEGIN CERTIFICATE REQUEST-----\nMIICpDCCAioCAQAwTzELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAk5DMQwwCgYDVQQHDANSVFAxDzANBgNVBAoMBkxlbm92bzEUMBIGA1UEAwwLWENDLTdaNjAtU04wdjAQBgcqhkjOPQIBBgUrgQQAIgNiAATMCJhOyPzqC7sxdTs9JiJvWNvKs0y9cocFjJnOeoijoKbMn2nSy5yQJwgoeKIoh2eBPnzGl58CI2pYd+APZSTyImltu34Hk+hGY4+ZGHJEI8fz5XOO+/tj7k8JEafbgumgggFaMIIBVgYJKoZIhvcNAQkOMYIBRzCCAUMwCQYDVR0TBAIwADALBgNVHQ8EBAMCBeAwggEnBgNVHREEggEeMIIBGoILWENDLTdaNjAtU06CC1hDQy03WjYwLVNOhxD+gAAAAAAAAAqU7//+r06fgilmZTgwLS1hOTQtZWZmZi1mZWFmLTRlOWYuaXB2Ni1saXRlcmFsLm5ldIcQ/oAAAAAAAAAKlO///q9OoIIpZmU4MC0tYTk0LWVmZmYtZmVhZi00ZWEwLmlwdjYtbGl0ZXJhbC5uZXSHBKn+X3aHEP6AAAAAAAAACpTv//6rmbOCKWZlODAtLWE5NC1lZmZmLWZlYWItOTliMy5pcHY2LWxpdGVyYWwubmV0hwQKaMVIhxD+gAAAAAAAAAqU7//+q5m0gilmZTgwLS1hOTQtZWZmZi1mZWFiLTk5YjQuaXB2Ni1saXRlcmFsLm5ldDAKBggqhkjOPQQDAgNoADBlAjBJrD3MgJlD2pHV4QkaOQa8jbzl214J1rLB8IdKViaDVHgihiusCLPvUM2YCr6bSIcCMQDamvg6r6rPljcaGre8OUuojdANUWcihMVWTdIAtfzdaXHc/d/jjhr9BN2RF59OQLU=\n-----END CERTIFICATE REQUEST-----"
}
Give feedback