SSLKeyAndCertificate

SSLKeyAndCertificate
SSLKeyAndCertificate
JSON Example
{
    "_last_modified": "string",
    "ca_certs": [
        {
            "ca_ref": "string",
            "name": "string"
        }
    ],
    "certificate": {
        "certificate": "string",
        "certificate_signing_request": "string",
        "chain_verified": false,
        "days_until_expire": 0,
        "expiry_status": "string",
        "fingerprint": "string",
        "issuer": {
            "common_name": "string",
            "country": "string",
            "distinguished_name": "string",
            "email_address": "string",
            "locality": "string",
            "organization": "string",
            "organization_unit": "string",
            "state": "string"
        },
        "key_params": {
            "algorithm": "string",
            "ec_params": {
                "curve": "string"
            },
            "rsa_params": {
                "exponent": 0,
                "key_size": "string"
            }
        },
        "not_after": "string",
        "not_before": "string",
        "public_key": "string",
        "self_signed": false,
        "serial_number": "string",
        "signature": "string",
        "signature_algorithm": "string",
        "subject": {
            "common_name": "string",
            "country": "string",
            "distinguished_name": "string",
            "email_address": "string",
            "locality": "string",
            "organization": "string",
            "organization_unit": "string",
            "state": "string"
        },
        "subject_alt_names": [
            "string"
        ],
        "text": "string",
        "version": "string"
    },
    "certificate_base64": false,
    "certificate_management_profile_ref": "string",
    "configpb_attributes": {
        "version": 0
    },
    "created_by": "string",
    "dynamic_params": [
        {
            "is_dynamic": false,
            "is_sensitive": false,
            "name": "string",
            "value": "string"
        }
    ],
    "enable_ocsp_stapling": false,
    "enckey_base64": "string",
    "enckey_name": "string",
    "format": "string",
    "hardwaresecuritymodulegroup_ref": "string",
    "import_key_to_hsm": false,
    "is_federated": false,
    "key": "string",
    "key_base64": false,
    "key_params": {
        "algorithm": "string",
        "ec_params": {
            "curve": "string"
        },
        "rsa_params": {
            "exponent": 0,
            "key_size": "string"
        }
    },
    "key_passphrase": "string",
    "markers": [
        {
            "key": "string",
            "values": [
                "string"
            ]
        }
    ],
    "name": "string",
    "ocsp_config": {
        "failed_ocsp_jobs_retry_interval": 0,
        "max_tries": 0,
        "ocsp_req_interval": 0,
        "ocsp_resp_timeout": 0,
        "responder_url_lists": [
            "string"
        ],
        "url_action": "string"
    },
    "ocsp_error_status": "string",
    "ocsp_responder_url_list_from_certs": [
        "string"
    ],
    "ocsp_response_info": {
        "cert_status": "string",
        "next_update": "string",
        "ocsp_resp_from_responder_url": "string",
        "ocsp_response": "string",
        "revocation_reason": "string",
        "revocation_time": "string",
        "this_update": "string"
    },
    "status": "string",
    "tenant_ref": "string",
    "type": "string",
    "url": "string",
    "uuid": "string"
}
string
_last_modified
Optional

UNIX time since epoch in microseconds. Units(MICROSECONDS).

ca_certs
Optional

CA certificates in certificate chain. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.

certificate
Required

certificate

boolean
certificate_base64
Optional

States if the certificate is base64 encoded. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.

string
certificate_management_profile_ref
Optional

It is a reference to an object of type CertificateManagementProfile. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.

configpb_attributes
Optional

configpb_attributes

string
created_by
Optional

Creator name. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.

dynamic_params
Optional

Dynamic parameters needed for certificate management profile. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.

boolean
enable_ocsp_stapling
Optional

Enables OCSP Stapling. Field introduced in 20.1.1. Allowed in Enterprise edition with any value, Essentials edition(Allowed values- false), Basic edition(Allowed values- false), Enterprise with Cloud Services edition.

string
enckey_base64
Optional

Encrypted private key corresponding to the private key (e.g. those generated by an HSM such as Thales nShield). Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.

string
enckey_name
Optional

Name of the encrypted private key (e.g. those generated by an HSM such as Thales nShield). Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.

string
format
Optional
Constraints: default: SSL_PEM

Format of the Key/Certificate file. Enum options - SSL_PEM, SSL_PKCS12. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.

string
hardwaresecuritymodulegroup_ref
Optional

It is a reference to an object of type HardwareSecurityModuleGroup. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.

boolean
import_key_to_hsm
Optional

Flag to enable Private key import to HSM while importing the certificate. Field introduced in 22.1.1. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.

boolean
is_federated
Optional

It Specifies whether the object has to be replicated to the GSLB followers. Field introduced in 22.1.3. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.

string
key
Optional

Private key. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.

boolean
key_base64
Optional

States if the private key is base64 encoded. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.

key_params
Optional

key_params

string
key_passphrase
Optional

Passphrase used to encrypt the private key. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.

markers
Optional

List of labels to be used for granular RBAC. Field introduced in 20.1.5. Allowed in Enterprise edition with any value, Essentials edition with any value, Basic edition with any value, Enterprise with Cloud Services edition.

string
name
Required

Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.

ocsp_config
Optional

ocsp_config

string
ocsp_error_status
Optional
Constraints: default: OCSP_ERR_CERTSTATUS_DISABLED

Error reported during OCSP status query. Enum options - OCSP_ERR_CERTSTATUS_GOOD, OCSP_ERR_CERTSTATUS_REVOKED, OCSP_ERR_CERTSTATUS_UNKNOWN, OCSP_ERR_CERTSTATUS_SERVERFAIL_ERR, OCSP_ERR_CERTSTATUS_JOBDB, OCSP_ERR_CERTSTATUS_DISABLED, OCSP_ERR_CERTSTATUS_GETCERT, OCSP_ERR_CERTSTATUS_NONVSCERT, OCSP_ERR_CERTSTATUS_SELFSIGNED, OCSP_ERR_CERTSTATUS_CERTFINISH, OCSP_ERR_CERTSTATUS_CACERT, OCSP_ERR_CERTSTATUS_REQUEST, OCSP_ERR_CERTSTATUS_ISSUER_REVOKED, OCSP_ERR_CERTSTATUS_PARSE_CERT, OCSP_ERR_CERTSTATUS_HTTP_REQ, OCSP_ERR_CERTSTATUS_URL_LIST, OCSP_ERR_CERTSTATUS_HTTP_SEND, OCSP_ERR_CERTSTATUS_HTTP_RECV, OCSP_ERR_CERTSTATUS_HTTP_RESP. Field introduced in 20.1.1. Allowed in Enterprise edition with any value, Essentials edition(Allowed values- OCSP_ERR_CERTSTATUS_DISABLED), Basic edition(Allowed values- OCSP_ERR_CERTSTATUS_DISABLED), Enterprise with Cloud Services edition.

array of string
ocsp_responder_url_list_from_certs
Optional

This is an Internal field to store the OCSP Responder URLs contained in the certificate. Field introduced in 20.1.1. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.

ocsp_response_info
Optional

ocsp_response_info

string
status
Optional
Constraints: default: SSL_CERTIFICATE_FINISHED

Enum options - SSL_CERTIFICATE_FINISHED, SSL_CERTIFICATE_PENDING. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.

string
tenant_ref
Optional

It is a reference to an object of type Tenant. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.

string
type
Optional

Enum options - SSL_CERTIFICATE_TYPE_VIRTUALSERVICE, SSL_CERTIFICATE_TYPE_SYSTEM, SSL_CERTIFICATE_TYPE_CA. Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.

string
url
Optional

url

string
uuid
Optional

Allowed in Enterprise edition with any value, Essentials, Basic, Enterprise with Cloud Services edition.