.. _pki: pki === PKI Commands pki Specification ----------------- ===================================== ============================================ ===================================== ============================================ **Type** *Intermediate Resource* **Element Name** pki **Element URI** /axapi/v3/pki **Element Attributes** pki_attributes **Schema** :download:`pki schema ` ===================================== ============================================ **Operations Allowed:** .. raw:: html .. raw:: html .. raw:: html .. raw:: html
OperationMethodURIPayload
Get Object .. raw:: html GET .. raw:: html /axapi/v3/pki .. raw:: html pki_attributes .. raw:: html
.. _1189_pki_attributes: pki attributes -------------- **ca-cert** **Description:** ca-cert is a **JSON Block**. Please see below for :ref:`1189_ca-cert` **Type:** Object **Reference Object:** :doc:`/axapi/v3/pki/ca-cert ` **cert** **Description:** cert is a **JSON Block**. Please see below for :ref:`1189_cert` **Type:** Object **Reference Object:** :doc:`/axapi/v3/pki/cert ` **cert-stats** **Description:** cert-stats is a **JSON Block**. Please see below for :ref:`1189_cert-stats` **Type:** Object **Reference Object:** :doc:`/axapi/v3/pki/cert-stats ` **copy-cert** **Description:** copy-cert is a **JSON Block**. Please see below for :ref:`1189_copy-cert` **Type:** Object **Reference Object:** :doc:`/axapi/v3/pki/copy-cert ` **copy-key** **Description:** copy-key is a **JSON Block**. Please see below for :ref:`1189_copy-key` **Type:** Object **Reference Object:** :doc:`/axapi/v3/pki/copy-key ` **create-oper** **Description:** create-oper is a **JSON Block**. Please see below for :ref:`1189_create-oper` **Type:** Object **Reference Object:** :doc:`/axapi/v3/pki/create-oper ` **delete** **Description:** delete is a **JSON Block**. Please see below for :ref:`1189_delete` **Type:** Object **Reference Object:** :doc:`/axapi/v3/pki/delete ` **delete-oper** **Description:** delete-oper is a **JSON Block**. Please see below for :ref:`1189_delete-oper` **Type:** Object **Reference Object:** :doc:`/axapi/v3/pki/delete-oper ` **placeholder** **Description** **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **scep-cert-list** **Type:** List **Reference Object:** :doc:`/axapi/v3/pki/scep-cert/{name} ` **ssli** **Description:** ssli is a **JSON Block**. Please see below for :ref:`1189_ssli` **Type:** Object **Reference Object:** :doc:`/axapi/v3/pki/ssli ` .. _1189_cert-stats: cert-stats ^^^^^^^^^^ =============================== =================================================== **Specification** =============================== =================================================== **Type** *object* =============================== =================================================== **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters .. _1189_delete-oper: delete-oper ^^^^^^^^^^^ =============================== =================================================== **Specification** =============================== =================================================== **Type** *object* =============================== =================================================== **filename** **Description** **Type:** string **Maximum Length:** 245 characters **Maximum Length:** 1 characters .. _1189_scep-cert-list: scep-cert-list ^^^^^^^^^^^^^^ =============================== =================================================== **Specification** =============================== =================================================== **Type** *list* **Block object keys** =============================== =================================================== **days** **Description** Validity of self-signed certificate (default 1825) **Type:** number **Range:** 1-3650 **Default:** 1825 **dn** **Description** Specify the Distinguished-Name to use while enrolling the certificate (Format: "cn=user, dc=example, dc=com") **Type:** string **Format:** string-rlx **Maximum Length:** 127 characters **Maximum Length:** 1 characters **encrypted** **Description** Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED secret string) **end-date** **Description** End date of self-signed certificate in YYMMDDHHMMSS format specified in UTC time **Type:** string **Maximum Length:** 31 characters **Maximum Length:** 1 characters **enroll** **Description** Initiates enrollment of device with the CA **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **interval** **Description** Interval time in seconds to poll when SCEP response is PENDING (default 5) **Type:** number **Range:** 1-3600 **Default:** 5 **key-length** **Description** '1024': Key size 1024 bits; '2048': Key size 2048 bits(default); '4096': Key size 4096 bits; '8192': Key size 8192 bits; **Type:** string **Supported Values:** 1024, 2048, 4096, 8192 **Default:** 2048 **log-level** **Description** level for logging output of scepclient commands(default 1 and detailed 4) **Type:** number **Range:** 1-4 **Default:** 1 **max-polltime** **Description** Maximum time in seconds to poll when SCEP response is PENDING (default 180) **Type:** number **Range:** 15-432000 **Default:** 180 **method** **Description** 'GET': GET request; 'POST': POST request; **Type:** string **Supported Values:** GET, POST **Default:** GET **minute** **Description** Periodic interval in minutes **Type:** number **Range:** 2-255 **Mutual Exclusion:** minute and renew-every-type are mutually exclusive **name** **Description** Specify Certificate name to be enrolled **Type:** string **Maximum Length:** 63 characters **Maximum Length:** 1 characters **password** **Description** Specify the password used to enroll the device's certificate **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **renew-before** **Description** Specify interval before certificate expiry to renew the certificate **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **Mutual Exclusion:** renew-before and renew-every are mutually exclusive **renew-before-type** **Description** 'hour': Number of hours before cert expiry; 'day': Number of days before cert expiry; 'week': Number of weeks before cert expiry; 'month': Number of months before cert expiry; **Type:** string **Supported Values:** hour, day, week, month **renew-before-value** **Description** Value of renewal period **Type:** number **Range:** 1-255 **renew-every** **Description** Specify periodic interval in which to renew the certificate **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **Mutual Exclusion:** renew-every and renew-before are mutually exclusive **renew-every-type** **Description** 'hour': Periodic interval in hours; 'day': Periodic interval in days; 'week': Periodic interval in weeks; 'month': Periodic interval in months; **Type:** string **Supported Values:** hour, day, week, month **Mutual Exclusion:** renew-every-type and minute are mutually exclusive **renew-every-value** **Description** Value of renewal period **Type:** number **Range:** 1-255 **secret-string** **Description** secret password **Type:** string **Format:** password **Maximum Length:** 127 characters **Maximum Length:** 1 characters **start-date** **Description** Start date of self-signed certificate in YYMMDDHHMMSS format specified in UTC time **Type:** string **Maximum Length:** 31 characters **Maximum Length:** 1 characters **subject-alternate-name** **Description:** subject-alternate-name is a **JSON Block**. Please see below for :ref:`1189_scep-cert-list_subject-alternate-name` **Type:** Object **url** **Description** Specify the Enrollment Agent's absolute URL (Format: http://host/path) **Type:** string **Format:** string-rlx **Maximum Length:** 255 characters **Maximum Length:** 1 characters **user-tag** **Description** Customized tag **Type:** string **Format:** string-rlx **Maximum Length:** 127 characters **Maximum Length:** 1 characters **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters .. _1189_scep-cert-list_subject-alternate-name: scep-cert-list_subject-alternate-name ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** =============================== =================================================== **Type** *object* =============================== =================================================== **san-type** **Description** 'email': Enter e-mail address of the subject; 'dns': Enter hostname of the subject; 'ip': Enter IP address of the subject; **Type:** string **Supported Values:** email, dns, ip **san-value** **Description** Value of subject-alternate-name **Type:** string **Format:** string-rlx **Maximum Length:** 127 characters **Maximum Length:** 1 characters .. _1189_copy-key: copy-key ^^^^^^^^ =============================== =================================================== **Specification** =============================== =================================================== **Type** *object* =============================== =================================================== **dest-key** **Description** Destination key file **Type:** string **Maximum Length:** 245 characters **Maximum Length:** 1 characters **overwrite** **Description** Overwrite the destination file if already present **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **rotation** **Description** Specify rotation number of SCEP generated key file **Type:** number **Range:** 1-4 **src-key** **Description** Source key file **Type:** string **Maximum Length:** 245 characters **Maximum Length:** 1 characters .. _1189_copy-cert: copy-cert ^^^^^^^^^ =============================== =================================================== **Specification** =============================== =================================================== **Type** *object* =============================== =================================================== **dest-cert** **Description** Destination certificate file **Type:** string **Maximum Length:** 245 characters **Maximum Length:** 1 characters **overwrite** **Description** Overwrite the destination file if already present **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **rotation** **Description** Specify rotation number of SCEP generated certificate file **Type:** number **Range:** 1-4 **src-cert** **Description** Source certificate file **Type:** string **Maximum Length:** 245 characters **Maximum Length:** 1 characters .. _1189_ca-cert: ca-cert ^^^^^^^ =============================== =================================================== **Specification** =============================== =================================================== **Type** *object* =============================== =================================================== **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters .. _1189_cert: cert ^^^^ =============================== =================================================== **Specification** =============================== =================================================== **Type** *object* =============================== =================================================== **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters .. _1189_create-oper: create-oper ^^^^^^^^^^^ =============================== =================================================== **Specification** =============================== =================================================== **Type** *object* =============================== =================================================== **bits** **Description** '1024': 1024; '2048': 2048; '4096': 4096; **Type:** string **Supported Values:** 256, 384, 1024, 2048, 4096 **Default:** 1024 **cert-type** **Description** 'rsa': rsa; 'ecdsa': ecdsa; **Type:** string **Supported Values:** rsa, ecdsa **Default:** rsa **common-name** **Description** **Type:** string **Format:** string-rlx **Maximum Length:** 64 characters **Maximum Length:** 1 characters **country** **Description** **Type:** string **Maximum Length:** 3 characters **Maximum Length:** 2 characters **csr-generate** **Description** **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **digest** **Description** 'sha1': sha1; 'sha256': sha256; 'sha384': sha384; 'sha512': sha512; **Type:** string **Supported Values:** sha1, sha256, sha384, sha512 **Default:** sha1 **division** **Description** **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **email** **Description** **Type:** string **Format:** email-addr **Maximum Length:** 64 characters **Maximum Length:** 1 characters **filename** **Description** **Type:** string **Maximum Length:** 245 characters **Maximum Length:** 1 characters **locality** **Description** **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **organization** **Description** **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **rootca** **Description** **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **secured** **Description** **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **state-province** **Description** **Type:** string **Format:** string-rlx **Maximum Length:** 31 characters **Maximum Length:** 1 characters **v3-request** **Description** **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **valid-days** **Description** **Type:** number **Range:** 30-3650 **Default:** 730 .. _1189_ssli: ssli ^^^^ =============================== =================================================== **Specification** =============================== =================================================== **Type** *object* =============================== =================================================== **generate** **Description:** generate is a **JSON Block**. Please see below for :ref:`1189_ssli_generate` **Type:** Object **Reference Object:** :doc:`/axapi/v3/pki/ssli/generate ` **revoke** **Description:** revoke is a **JSON Block**. Please see below for :ref:`1189_ssli_revoke` **Type:** Object **Reference Object:** :doc:`/axapi/v3/pki/ssli/revoke ` .. _1189_ssli_revoke: ssli_revoke ^^^^^^^^^^^ =============================== =================================================== **Specification** =============================== =================================================== **Type** *object* =============================== =================================================== **port** **Description** port number **Type:** number **Range:** 0-65534 **serial** **Description** Serial number in hex **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **vip-name** **Description** VIP name **Type:** string **Maximum Length:** 63 characters **Maximum Length:** 1 characters .. _1189_ssli_generate: ssli_generate ^^^^^^^^^^^^^ =============================== =================================================== **Specification** =============================== =================================================== **Type** *object* =============================== =================================================== **crl** **Description:** crl is a **JSON Block**. Please see below for :ref:`1189_ssli_generate_crl` **Type:** Object **Reference Object:** :doc:`/axapi/v3/pki/ssli/generate/crl ` .. _1189_ssli_generate_crl: ssli_generate_crl ^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** =============================== =================================================== **Type** *object* =============================== =================================================== **port** **Description** port number **Type:** number **Range:** 0-65534 **vip-name** **Description** VIP name **Type:** string **Maximum Length:** 63 characters **Maximum Length:** 1 characters .. _1189_delete: delete ^^^^^^ =============================== =================================================== **Specification** =============================== =================================================== **Type** *object* =============================== =================================================== **ca** **Description** CA certificate file name **Type:** string **Format:** string-rlx **Maximum Length:** 245 characters **Maximum Length:** 1 characters **cert-name** **Description** Certificate file name **Type:** string **Format:** string-rlx **Maximum Length:** 245 characters **Maximum Length:** 1 characters **crl** **Description** CRL file name **Type:** string **Maximum Length:** 255 characters **Maximum Length:** 1 characters **csr** **Description** CSR file name **Type:** string **Maximum Length:** 245 characters **Maximum Length:** 1 characters **private-key** **Description** Private key file name **Type:** string **Format:** string-rlx **Maximum Length:** 245 characters **Maximum Length:** 1 characters