REST API  15
REST API for Luna Network HSMs
PUT /api/lunasa/ntls/certificate

PUT /api/lunasa/ntls/certificate

Replaces the current NTLS certificate with a file.
The resource works in two different ways to install certificate:

  • User can upload and install the certificate using this single resource.
  • User can also provide the name of certificate file that has already been uploaded in user's home directory. The certificate can be uploaded through POST /users/{userid}/files.

User Privileges

Users with the following role privileges can perform this command:

  • admin

Header for uploading and installing the certificate

Content-Type

application/vnd.safenetinc.lunasa+octet-stream;version=

Header for providing file name to install the certificate

Content-Type

application/vnd.safenetinc.lunasa+json;version=

Parameters for uploading and installing certificate

The request takes in a file.

See File I/O

Parameters for providing file name to install the certificate

file

Specifies the filename of the certificate found in the user's home directory.

Use: Required

JSON Schema:

   Object
   type: string
   minLength: 1
   maxLength: 64
   pattern: [a-zA-Z0-9_. -]

Note: The file name should match the following criteria:

  1. File with .pem extension and contains valid certificate, can be accepted as certificate file
  2. File name should not start with dot character(.) and end with space

Responses

204

Success

Location

JSON Schema:

    id: Object
        type: string

"Location" is the URL to the task spawned to regenerate the certificate. The task is a waiting task.

400

NTLS_INVALID_CERTIFICATE

If certificate is not valid

APPLIANCE_EXPIRED_CERT

If certificate is currently expired

SERVER_REQUEST_NOT_APPROPRIATE

If user has not used octet-stream request for attaching file.

NTLS_INTERNAL_ERROR

If any unexpected error occurs

NTLS_FILENAME_NOT_VALID

If user has provided restricted certificate filename.

404

SERVERPLUGIN_FILEID_DOES_NOT_EXIST

If certificate provided does not exist

Example Request for uploading and installing the certificate using this resource.

The content type of the request needs to be application/vnd.safenetinc.luna+octet-stream to notify the server that it will be receiving a file. Attach the file with the request.

Header format:

    headers = {'Content-Type': "application/vnd.safenetinc.lunasa+octet-stream;version="}

  PUT
  https://1.2.3.4:8443/api/lunasa/ntls/certificate
  { }

Example Request for installing the certificate if it has already been uploaded in user's home directory.

  PUT
  https://1.2.3.4:8443/api/lunasa/ntls/certificate
  {
        "file":"signed_server.pem"
  }

Example Response

{}