NSX-T Data Center REST API

Add a New Certificate

Adds a new private-public certificate or a chain of certificates (CAs) and,
optionally, a private key that can be applied to one of the user-facing
components (appliance management or edge). The certificate and the key
should be stored in PEM format. If no private key is provided, the
certificate is used as a client certificate in the trust store.
A private key can be uploaded for a CA certificate only if the "purpose"
parameter is set to "signing-ca".

Request:

Method:

POST

URI Path(s):

/api/v1/trust-management/certificates?action=import

Request Headers:

n/a

Query Parameters:

n/a

Request Body:

TrustObjectData+

TrustObjectData (schema)

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
id	Unique identifier of this resource	string	Sortable
key_algo	Key algorithm contained in this certificate.	string
passphrase	Password for private key encryption.	string
pem_encoded	PEM encoded certificate data.	string	Required
private_key	Private key data.	string
purpose	Purpose of this certificate. Can be empty or set to "signing-ca".	string	Enum: signing-ca
resource_type	Must be set to the value TrustObjectData	string
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30

Example Request:

POST https://<nsx-mgr>/api/v1/trust-management/certificates?action=import { "pem_encoded": "-----BEGIN CERTIFICATE----------END CERTIFICATE-----\n-----BEGIN CERTIFICATE----------END CERTIFICATE-----\n", "private_key": "-----BEGIN RSA PRIVATE KEY----------END RSA PRIVATE KEY-----\n", "passphrase": "1234" }

Successful Response:

Response Code:

201 Created

Response Headers:

Content-type: application/json

Response Body:

CertificateList+

Name	Description	Type	Notes
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
cursor	Opaque cursor to be used for getting next page of records (supplied by current result page)	string	Readonly
result_count	Count of results found (across all pages), set only on first page	integer	Readonly
results	Certificate list.	array of Certificate	Required Readonly
sort_ascending	If true, results are sorted in ascending order	boolean	Readonly
sort_by	Field by which records are sorted	string	Readonly

Example Response:

{ "results": [ { "id": "506d00d6-bfd5-4ebe-8b7f-0236f8de4792", "display_name": "506d00d6-bfd5-4ebe-8b7f-0236f8de4792", "resource_type": "certificate_signed", "pem_encoded": "-----BEGIN CERTIFICATE----------END CERTIFICATE-----\n-----BEGIN CERTIFICATE----------END CERTIFICATE-----\n", "has_private_key": true, "used_by": [], "_system_owned": false, "_last_modified_time": 1413369285811, "_create_time": 1413369285811, "_create_user": "admin", "_last_modified_user": "admin", "_protection": "NOT_PROTECTED", "_revision": 0 } ] }

NSX-T Data Center REST API

Add a New Certificate

Request:

TrustObjectData (schema)

Example Request:

Successful Response:

CertificateList (schema)

Example Response:

Required Permissions:

Feature:

Additional Errors: