pki acme-cert

ACME Certificate enrollment object

acme-cert Specification

   
Type Collection
Object Key(s) name
Collection Name acme-cert-list
Collection URI /axapi/v3/pki/acme-cert
Element Name acme-cert
Element URI /axapi/v3/pki/acme-cert/{name}
Element Attributes acme-cert_attributes
Schema acme-cert schema

Operations Allowed:

OperationMethodURIPayload

Create Object

POST

/axapi/v3/pki/acme-cert

acme-cert attributes

Create List

POST

/axapi/v3/pki/acme-cert

acme-cert attributes

Get Object

GET

/axapi/v3/pki/acme-cert/{name}

acme-cert attributes

Get List

GET

/axapi/v3/pki/acme-cert

acme-cert-list

Modify Object

POST

/axapi/v3/pki/acme-cert/{name}

acme-cert attributes

Replace Object

PUT

/axapi/v3/pki/acme-cert/{name}

acme-cert attributes

Replace List

PUT

/axapi/v3/pki/acme-cert

acme-cert-list

Delete Object

DELETE

/axapi/v3/pki/acme-cert/{name}

acme-cert attributes

acme-cert-list

acme-cert-list is JSON List of acme-cert attributes

acme-cert-list : [

acme-cert attributes

cert-type

Description Specify the type of certificate

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

domain

Description Main domain you want to issue the cert for. CA will verify whether you control this domain

Type: string

Format: string-rlx

Maximum Length: 64 characters

Maximum Length: 1 characters

ec-key-length

Description ‘256’: Key size 256 bits; ‘384’: Key size 384 bits(default);

Type: string

Supported Values: 256, 384

Default: 384

ecdsa-type

Description ECDSA certificate

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: ecdsa-type and rsa-type are mutually exclusive

email

Description A valid email address for your ACME account. CA uses this email to send you expiration or other notices

Type: string

Format: string-rlx

Maximum Length: 64 characters

Maximum Length: 1 characters

enroll

Description Initiates enrollment with CA. Due to CA rate limit, A10 strongly recommend you set “run-with-staging-server” during test

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

force

Description Ignore the next renewal time and force to renew cert

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

log-level

Description Level for logging output of ACME commands(default 1 and detailed 2, including debug messages)

Type: number

Range: 1-2

Default: 1

minute

Description Periodic interval in minutes

Type: number

Range: 2-255

Mutual Exclusion: minute and renew-every-type are mutually exclusive

name

Description Specify Certificate name to be enrolled

Type: string

Maximum Length: 63 characters

Maximum Length: 1 characters

renew-before

Description Specify interval before certificate expiry to renew the certificate

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: renew-before and renew-every are mutually exclusive

renew-before-type

Description ‘hour’: Number of hours before cert expiry; ‘day’: Number of days before cert expiry; ‘week’: Number of weeks before cert expiry; ‘month’: Number of months before cert expiry(1 month=30 days);

Type: string

Supported Values: hour, day, week, month

renew-before-value

Description Value of renewal period

Type: number

Range: 1-255

renew-every

Description Specify periodic interval in which to renew the certificate

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: renew-every and renew-before are mutually exclusive

renew-every-type

Description ‘hour’: Periodic interval in hours; ‘day’: Periodic interval in days; ‘week’: Periodic interval in weeks; ‘month’: Periodic interval in months(1 month=30 days);

Type: string

Supported Values: hour, day, week, month

Mutual Exclusion: renew-every-type and minute are mutually exclusive

renew-every-value

Description Value of renewal period

Type: number

Range: 1-255

rsa-key-length

Description ‘2048’: Key size 2048 bits(default); ‘3072’: Key size 3072 bits; ‘4096’: Key size 4096 bits; ‘8192’: Key size 8192 bits;

Type: string

Supported Values: 2048, 3072, 4096, 8192

Default: 2048

rsa-type

Description RSA certificate (default)

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: rsa-type and ecdsa-type are mutually exclusive

san-domain

Description Subject-alternate-name dns(s) for your cert, sperated by /

Type: string

Format: string-rlx

Maximum Length: 2048 characters

Maximum Length: 1 characters

staging

Description Run ACME operation with staging server. Due to CA rate limit, A10 strongly recommends you set this during test

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

staging-url

Description ACME staging directory URL. By default, use Let’s encrypt as CA server

Type: string

Format: string-rlx

Maximum Length: 255 characters

Maximum Length: 1 characters

url

Description ACME directory URL. By default, use Let’s encrypt as CA server

Type: string

Format: string-rlx

Maximum Length: 255 characters

Maximum Length: 1 characters

user-tag

Description Customized tag

Type: string

Format: string-rlx

Maximum Length: 127 characters

Maximum Length: 1 characters

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters

vrid

Description Specify ha VRRP-A vrid. It is used to sync http-01 challenge token

Type: number

Range: 0-31