Soft-Deleting Azure Certificates
Use the post /v1/cckm/azure/certificates/{id}/soft-delete
API to soft-delete an Azure certificate from the Azure vault. The status becomes SOFT-DELETED. A SOFT-DELETED certificate can be purged or recovered.
Caution
This operation permanently deletes certificates from a non-soft enabled vault. The status of the certificates becomes DELETED. Azure cannot recover such certificates. The effect of soft-delete
on non-soft enabled vaults is the same as soft-delete enabled/disabled.
Syntax
curl -k '<IP>/api/v1/cckm/azure/certificates/{id}/soft-delete' -X POST -H 'Authorization: Bearer AUTHTOKEN' -H 'accept: application/json' --compressed
Here, {id}
is the resource ID of the certificate on the CipherTrust Manager.
Request Parameter
Parameter | Type | Description |
---|---|---|
AUTHTOKEN | string | Authorization token. |
Example Request
curl -k 'https://127.0.0.1/api/v1/cckm/azure/certificates/ac60afa2-975b-4cdf-8b7c-c12fa6ae25a2/soft-delete' -X POST -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiI1MDIzNTY1Yy0xOWI3LTQyY2UtODZmMi1jNWI3 MTA1MTJhZjMiLCJzdWIiOiJsb2NhbHwwMWI4M2EwZS1mY2U1LTQ5MjgtODhiNi0zNTNkMmQ3ZTBiNDMiLCJpc3MiOiJreWxvIiwiYWNjIjoia3lsbyIsInByZWZlcnJlZF91c2VybmFtZSI6ImFkbWluIiwiY3VzdCI6eyJkb2 1haW5faWQiOiIwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDAiLCJncm91cHMiOlsiYWRtaW4iXSwic2lkIjoiZGJlNzU2MWYtZDVhOS00ZGEzLWJiZTEtNjlhMTg0Y2U3YzEzIiwiem9uZV9pZCI6IjAwMDAw MDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMCJ9LCJqd3RpZCI6IjRmMGExN2Y0LWQxOGUtNGE5YS04ZWM2LTU1ZjI2ZjJjNTMzMiIsImlhdCI6MTYwMTQ2MTEwNiwiZXhwIjoxNjAxNDYxNDA2fQ.P_d2ngOq_AlxqXhfG-saEvQRYZCSzQbzR2S6Jzv6Ogs' -H 'accept: application/json' --compressed
Example Response
{
"id": "ac60afa2-975b-4cdf-8b7c-c12fa6ae25a2",
"uri": "kylo:kylo:cckm:azure-cert:test-key-7335d718-0ae7-4fe3-847b-923fec451a49",
"account": "kylo:kylo:admin:accounts:kylo",
"createdAt": "2022-04-13T04:53:51.545974Z",
"updatedAt": "2022-04-13T04:53:51.545974Z",
"synced_at": "2022-04-13T04:53:48Z",
"cloud_name": "AzureCloud",
"key_vault": "vault-name::260ecbe7-777b-4d3c-84ea-887620498863",
"key_vault_id": "84340213-a515-43d1-acc4-e2eaa6efbe94",
"region": "northcentralus",
"tenant": "781b4642-6e0e-4794-94df-6b0878ab0317",
"azure_created_at": "2022-04-13T04:53:48Z",
"azure_expire_at": "2023-04-13T04:53:48Z",
"azure_updated_at": "2022-04-13T04:53:48Z",
"backup": "2cfc152fabb44a7b8f1c4756fa1ae27df87951f2f67649469062426d0729a50a",
"backup_at": "2022-04-13T04:53:51.526254Z",
"cert_name": "test-key",
"cert_soft_deleted_in_azure": true,
"deleted": false,
"gone": false,
"cert_material_origin": "native",
"cert_source": "native",
"operation": "",
"soft_delete_enabled": true,
"status": "SOFT-DELETED",
"version": "9fd11952d150458aad34cbbd46917e2c",
"azure_param": {
"cer": "MIIEHTCCAwWgAwIBAgIQWUNS9FBbSCy/Qaq/uLYvkjANBgkqhkiG9w0BAQsFADBsMRcwFQYDVQQDEw53d3cuY29udG9zby5jbzETMBEGA1UECxMKQ29udG9zbyBIUjEQMA4GA1UEChMHQ29udG9zbzEQMA4GA1UEBxMHUmVkbW9uZDELMAkGA1UECBMCV0ExCzAJBgNVBAYTAlVTMB4XDTIyMDQxMzA0NDM0OFoXDTIzMDQxMzA0NTM0OFowbDEXMBUGA1UEAxMOd3d3LmNvbnRvc28uY28xEzARBgNVBAsTCkNvbnRvc28gSFIxEDAOBgNVBAoTB0NvbnRvc28xEDAOBgNVBAcTB1JlZG1vbmQxCzAJBgNVBAgTAldBMQswCQYDVQQGEwJVUzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALk7gxsEGxbbV9nUQSXkSd+S4zCw2RwhWMMen6l4c5ZJYQrRetbOSEFge5+um4ejGUy+OCvyK4r9J8dM8ztzDbuEq3jgviEKh8Sz3UXvt6DdOuXs0NCNpuoclSz9wM8NYILJXCZbpUkbQwzmOMIqvWATqcZsrtJXzWDfFkCm4Ll8Ap0x5rjZPGc9YS7c4g/xb5yYYR/pnLhG57DpR4IFOWnDwT7w26mjH/HVWOric6326aA3BKXSGhK6bdIHKoXEQmw3jfL58Z0iRySFJxeNR3eWv4weKgV0cVaAT734XNIEW+gVb7oqYarpY2zQsgfWXAAGH+8OkxGYR5JfNIl3GFECAwEAAaOBujCBtzAOBgNVHQ8BAf8EBAMCBaAwCQYDVR0TBAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwOwYDVR0RBDQwMoERaGVsbG9AY29udG9zby5jb22CDmhyLmNvbnRvc28uY29tgg1tLmNvbnRvc28uY29tMB8GA1UdIwQYMBaAFAXkX14BV6dCq3JtcqH/5I+IX3OaMB0GA1UdDgQWBBQF5F9eAVenQqtybXKh/+SPiF9zmjANBgkqhkiG9w0BAQsFAAOCAQEArA40DeRuED/u3rul4NvvbUgJTmMqdm12jOOq1gz2HDgp6+7j3eZNPNM8HqoMFtzSKHu1WhUce7V5vRVLJDfglrXt3Q8dJwfqz/O6+yHdjXWoZ7j2SdPcRf7U/GKhPqcENE/4beNawDCtePRgQRiJjzsKnpztilnQSmYIl+W1cmOI2JFHpLl9BONGdlqEjR1iqlxH6nqT1RVjcdJA2tgl2zx1bxcn8ED4jTVAXDVDCoHSuUPowLALBmsd5DL5Ss2OunI9CICOvqs74cpEUy+XeO6LT+AFISD5c0G2knqfS2jd9bsgoN7NnrpP9OsfS6vx3YFgNQ3Co3vNeeQPg+WbhQ==",
"kid": "https://vault-name.vault.azure.net/keys/test-key/9fd11952d150458aad34cbbd46917e2c",
"sid": "https://vault-name.vault.azure.net/secrets/test-key/9fd11952d150458aad34cbbd46917e2c",
"x5t": "8_iKF29OF6pYgi5RMOp2Tlr9xjA",
"lifetime_actions": [
{
"action": {
"action_type": "AutoRenew"
},
"trigger": {
"days_before_expiry": 80
}
}
],
"crv": "",
"exportable": true,
"key_size": 2048,
"kty": "RSA",
"content_type": "application/x-pkcs12",
"ekus": [
"1.3.6.1.5.5.7.3.1",
"1.3.6.1.5.5.7.3.2"
],
"key_usage": [
"digitalSignature",
"keyEncipherment"
],
"sans": {
"emails": [
"hello@contoso.com"
],
"dns_names": [
"hr.contoso.com",
"m.contoso.com"
]
},
"subject": "C=US, ST=WA, L=Redmond, O=Contoso, OU=Contoso HR, CN=www.contoso.co",
"validity_months": 12,
"issuer_name": "Self",
"attributes": {
"created": 1649825628,
"enabled": true,
"exp": 1681361628,
"nbf": 1649825028,
"recoverable_days": 7,
"recovery_level": "CustomizedRecoverable+Purgeable",
"updated": 1649825628
},
"tags": {
"tagkey1": "tagval1",
"tagkey2": "tagval2"
}
},
"version_count": 1
}
The sample output shows that the status is set to SOFT-DELETED
. This indicates that the certificate is soft-deleted from the vault.
Response Codes
Response Code | Description |
---|---|
2xx | Success |
4xx | Client errors |
5xx | Server errors |
Refer to HTTP status codes for details.