Importing Azure Certificates
Use the post /v1/cckm/azure/certificates/import API to import a certificate to a Azure vault.
Syntax
curl -k '<IP>/api/v1/cckm/azure/certificates/import' -H 'Authorization: Bearer AUTHTOKEN' -H 'accept: application/json' -H 'Content-Type: application/json' --data-binary $'{\n "cert_name": "<cert_name>",\n "key_vault": "<key_vault>",\n "source_cert_identifier": "<source_cert_identifier>",\n "caid": "<caid>",\n "private_key_pem": "<private_key_pem>",\n "password": "<password>",\n "azure_param": {<azure_params>}' --compressed
Request Parameters
| Parameter | Type | Description |
|---|---|---|
| AUTHTOKEN | string | Authentication token. |
| caid | string | Name or ID of the certificate authority. |
| cert_name | string | Name for the certificate on Azure. Certificate names can only contain alphanumeric characters and dashes. |
| key_vault | string | Name or ID of the vault into which the certificate will be imported. |
| private_key_pem | string | Private key in the PEM format. |
| source_cert_identifier | string | ID of the certificate that will be imported into the Azure vault. |
| azure_param | JSON | Azure certificate parameters. Refer to Azure Parameters for details. |
| password | string | Password of the private key with which the certificate is encrypted. Not required if the certificate is not encrypted. |
Example Request
curl -k 'https://127.0.0.1/api/v1/cckm/azure/certificates/import' -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJiOGVjMzg1YS03NTQ1LTRjMTgtYTkxOC01ZDM2ZDgxM2I3NWQiLCJzdWIiOiJsb2NhbHxiNjg1ZGQxNi05Yjk0LTRjY2ItOTY4YS0wY2I0NTBjNjE4ZTciLCJpc3MiOiJreWxvIiwiYWNjIjoia3lsbyIsInByZWZlcnJlZF91c2VybmFtZSI6ImFkbWluIiwiY3VzdCI6eyJkb21haW5faWQiOiIwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDAiLCJncm91cHMiOlsiYWRtaW4iXSwic2lkIjoiZWM2NDZhNWYtMWJiMC00NDlmLTg5MmMtNmE3YWFhMGM0ZjRkIiwiem9uZV9pZCI6IjAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMCJ9LCJqd3RpZCI6IjU3NThhNzkwLWRhOWUtNDEzOC1hY2ZkLTU4OGMzMmRhMjBiZCIsImlhdCI6MTY1MzQ1NzYzMiwiZXhwIjoxNjUzNDU3OTMyfQ.vrqYXO1XUz5SA3KRik_QFT0kFYEs-LtsP_gU4bTs1d8' -H 'Content-Type: application/json' -H 'accept: application/json' --data-binary $'{\n "cert_name": "azure-cert",\n "key_vault": "260ecbe7-777b-4d3c-84ea-887620498863",\n "source_cert_identifier": "",\n "caid": "71655dbf-5e71-4cf3-a773-9c31e828a4d3",\n "private_key_pem": "",\n "password": "",\n "azure_param": {\n "tags": {\n "tagkey1": "tagval1",\n "tagkey2": "tagval2"\n }\n }\n}' --compressed
Example Response
{
"id": "71655dbf-5e71-4cf3-a773-9c31e828a4d3",
"uri": "kylo:kylo:cckm:azure-cert:abcdefg-71655dbf-5e71-4cf3-a773-9c31e828a4d3",
"account": "kylo:kylo:admin:accounts:kylo",
"createdAt": "2022-05-09T10:46:37.988945Z",
"updatedAt": "2022-05-09T10:58:36.64513732Z",
"synced_at": "2022-05-09T10:46:32Z",
"cloud_name": "AzureCloud",
"key_vault": "azure-vault::260ecbe7-777b-4d3c-84ea-887620498863",
"key_vault_id": "5fb27dcd-9a6f-4508-ba9c-5dc630162a83",
"region": "northcentralus",
"tenant": "d27d849e-e487-4b0e-a54c-a71e67687d10",
"azure_created_at": "2022-05-09T10:46:32Z",
"azure_expire_at": "2023-05-09T10:46:32Z",
"azure_updated_at": "2022-05-09T10:46:32Z",
"backup": "ac1b43d844a742d9a0081f93d65bf9ec58077b9e2a224df798a794c694d1e197",
"backup_at": "2022-05-09T10:46:37.985596Z",
"cert_name": "test-cert",
"cert_soft_deleted_in_azure": false,
"deleted": false,
"gone": false,
"cert_material_origin": "native",
"cert_source": "native",
"operation": "",
"soft_delete_enabled": true,
"status": "AVAILABLE",
"version": "02e3b1cf6b9e48a5b514b8315d62f369",
"azure_param": {
"cert": "MIIEHTCCAwWgAwIBAgIQB4ugjHs/RQCEw4Toeoy10jANBgkqhkiG9w0BAQsFADBsMRcwFQYDVQQDEw53d3cuY29udG9zby5jbzETMBEGA1UECxMKQ29udG9zbyBIUjEQMA4GA1UEChMHQ29udG9zbzEQMA4GA1UEBxMHUmVkbW9uZDELMAkGA1UECBMCV0ExCzAJBgNVBAYTAlVTMB4XDTIyMDUwOTEwMzYzMloXDTIzMDUwOTEwNDYzMlowbDEXMBUGA1UEAxMOd3d3LmNvbnRvc28uY28xEzARBgNVBAsTCkNvbnRvc28gSFIxEDAOBgNVBAoTB0NvbnRvc28xEDAOBgNVBAcTB1JlZG1vbmQxCzAJBgNVBAgTAldBMQswCQYDVQQGEwJVUzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANa67roT9b/RWzqEwqp0InWVR2z8a27J9j1tEioSx3JJfH1mliZA5JG4vq77jv1t2C0KM8ChRhG9l+rd5wSQ7Gogt+Qt7Mq6+2YbxLyvx+ookQIvu7CZT7ZWSQiKNwdzklVe/b29aBclCSAzGJR3+90ZkLT2xTBx6QYFGqPyLavRSk4+TfYVj+s5cdEm/ZcfPFS478LXSTQaCMaiIOmBOdbIrepCh3zUz3uhCjtuWTgUTgssadCbjh3Qwa4YThoB6vQsdeUJ9rqZXtnWr8aIAEG1WGAHuknrIxJxFH4rQcuWX+B/c/4h40/tkwbZO6QPrALSxrqVe+4nS8tgggoCf30CAwEAAaOBujCBtzAOBgNVHQ8BAf8EBAMCBaAwCQYDVR0TBAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwOwYDVR0RBDQwMoERaGVsbG9AY29udG9zby5jb22CDmhyLmNvbnRvc28uY29tgg1tLmNvbnRvc28uY29tMB8GA1UdIwQYMBaAFLiRr8LhYyUC/KV7W1SeFHrj0j/GMB0GA1UdDgQWBBS4ka/C4WMlAvyle1tUnhR649I/xjANBgkqhkiG9w0BAQsFAAOCAQEAzg5xO6w0GLfbNKu/RFoynj632yMJNerpjYjwGNcbEaMVNEt2LH0BJyIGpGEdnhfpoHfxSubPRGvcFsUc2E9VvDqan6sGalqQn1INUQnuF2joj+Tg75f+VuQZEh/JyzWKKxmrcymmSUdE8uYC1ssBkcGAcpPPb0fZIT37ohd0DZv+J+KXabM4Bu1IaiCZ6ObynNee3rNuKroNCIln361JsAdqJ5bdsTVFXY38tob1guN2ch6cYHH3TUoEkOqbyu0Z/UwHKCe7deIcZV2AIqD+H/9iii2+v9Hl0va7YMaXoPY/i2oe77VebtNhjARzCXzD/6an1vZb6lGByMY0BKaILQ==",
"kid": "https://azure-vault.vault.azure.net/keys/abcdefg/02e3b1cf6b9e48a5b514b8315d62f369",
"sid": "https://azure-vault.vault.azure.net/secrets/abcdefg/02e3b1cf6b9e48a5b514b8315d62f369",
"x5t": "8abSuIEC7VXk00Wtl7-3TQMAw-4",
"lifetime_actions": [
{
"action": {
"action_type": "AutoRenew"
},
"trigger": {
"lifetime_percentage": 80
}
}
],
"crv": "",
"exportable": true,
"key_size": 2048,
"kty": "RSA",
"content_type": "application/x-pkcs12",
"ekus": [
"1.3.6.1.5.5.7.3.1",
"1.3.6.1.5.5.7.3.2"
],
"key_usage": [
"digitalSignature",
"keyEncipherment"
],
"sans": {
"emails": [
"hello@contoso.com"
],
"dns_names": [
"hr.contoso.com",
"m.contoso.com"
]
},
"subject": "C=US, ST=WA, L=Redmond, O=Contoso, OU=Contoso HR, CN=www.contoso.co",
"validity_months": 12,
"issuer_name": "Self",
"attributes": {
"created": 1652093192,
"enabled": true,
"exp": 1683629192,
"nbf": 1652092592,
"recovery_level": "Purgeable",
"updated": 1652093192
}
}
}
Response Codes
| Response Code | Description |
|---|---|
| 2xx | Success |
| 4xx | Client errors |
| 5xx | Server errors |
Refer to HTTP status codes for details.
