Please Note:

You are not viewing the most recent version of this page. 8.17.1 is the latest version available.

CertImport

This API imports certificate and its private Key, if required.

URL

<http/https>://<host-name>:<Port>/protectappws/services/rest/certImport

Input Parameters

Parameter	Description
username	User name.
password	Password associated with the user.
certname	Name of the certificate to import.
certisdeletable	Sets whether the certificate can be deleted via the API, default is false.
certisexportable	Sets whether the certificate can be exported via the API, default is false.
certificate	Certificate to be imported, in PKCS1, PKCS#8, or PKCS#12 format.
certpassword	Optional, if password provided certificate must be Hex encoded.
certAlias	Client certificate alias for making SSL connections (optional).
certPass	Password for the provided certificate alias (optional).

Sample REST call for cxf

request

{
    "Cert_Import": {
        "certname": "naanq",
        "username": "jcetest",
        "password": "asdf1234",
        "isdeletable": "true",
        "isexportable": "true",
        "certificate": "-----BEGIN CERTIFICATE-----MIIDvzCCAqegAwIBAgIDAJ5EMA0GCSqGSIb3DQEBCwUAMIGbMQswCQYDVQQGEwJV
    [… sample truncated for brevity …]
    OcqQnevrP4rbUC/5W6+gO0m5ZjMDKryAyW4RiNCboGKtVTVcz68J0+75RTvycjWK
    ibEI
    -----END CERTIFICATE-----
    -----BEGIN RSA PRIVATE KEY-----
    MIIEowIBAAKCAQEAhLItSYS7WHe22H+VOyj5GlAkwcylRsCAl/kbLBUW5adSB5K3
    [… sample truncated for brevity …]
    mzXC86k6UN7ya29wDFuWwLK+gnwD2THORrdk5U+1B0PywK4JdDOR
    -----END RSA PRIVATE KEY-----
    }
}

response

{
    "CertImportResponse": {
        "CertImportResponse": "true"
    }
}

Sample SOAP Parameters

<prot:Cert_Import>
    <username>cryptouser</username>
    <password>qwerty1234</password>
    <certname>pkcs1samplevtN</certname>
    <certisdeletable>true</certisdeletable>
    <certisexportable>true</certisexportable>
    <certificate>-----BEGIN CERTIFICATE-----
    MIIDvzCCAqegAwIBAgIDAJ5EMA0GCSqGSIb3DQEBCwUAMIGbMQswCQYDVQQGEwJV
    [… sample truncated for brevity … ]
    OcqQnevrP4rbUC/5W6+gO0m5ZjMDKryAyW4RiNCboGKtVTVcz68J0+75RTvycjWK
    ibEI
    -----END CERTIFICATE-----
    -----BEGIN RSA PRIVATE KEY-----
    MIIEowIBAAKCAQEAhLItSYS7WHe22H+VOyj5GlAkwcylRsCAl/kbLBUW5adSB5K3
    [… sample truncated for brevity … ]
    mzXC86k6UN7ya29wDFuWwLK+gnwD2THORrdk5U+1B0PywK4JdDOR
    -----END RSA PRIVATE KEY-----
    </certificate>
    <!--Optional:-->
    <certpassword></certpassword>
</prot:Cert_Import>

Output

boolean – indicates import success.

<ns1:Cert_ImportResponse xmlns:ns1="http://dsws.org/protectappws/">true</ns1:Cert_ImportResponse>

Note

To import a PKCS12 certificate using web , you must provide the certpassword field in import request. In this case, certificate data tag must be sent in Hex Format.
The sample certificates are included as a convenience. You can also use your own certificates, just be sure that your PKCS#12 certificate is encrypted using 3DES, otherwise you will see the error: “1559: Certificate could not be verified”. If you need to create your own PKCS#12 certificate using 3DES, you can use openssl, with the following statement as a guide:
openssl pkcs12 -keypbe PBE-SHA1-3DES -certpbe PBE-SHA1-3DES -export -in cert.txt -inkey privateKeyInPKCS1 -out thepkcs12.cert -name someCommonNameForCert

CertImport

URL

Input Parameters

Sample REST call for cxf

Sample SOAP Parameters

Output

On this page

Suggest A Change