{ "id":"/axapi/v3/pki/acme-cert/{name}", "type":"object", "node-type":"list", "title":"acme-cert", "partition-visibility":"shared", "description":"ACME Certificate enrollment object", "properties":{ "name":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify Certificate name to be enrolled", "optional":false }, "url":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":255, "partition-visibility":"shared", "description":"ACME directory URL. By default, use Let's encrypt as CA server", "optional":true }, "staging-url":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":255, "partition-visibility":"shared", "description":"ACME staging directory URL. By default, use Let's encrypt as CA server", "optional":true }, "domain":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":64, "partition-visibility":"shared", "description":"Main domain you want to issue the cert for. CA will verify whether you control this domain", "optional":true }, "san-domain":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":2048, "partition-visibility":"shared", "description":"Subject-alternate-name dns(s) for your cert, sperated by /", "optional":true }, "enroll":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Initiates enrollment with CA. Due to CA rate limit, A10 strongly recommend you set \"run-with-staging-server\" during test", "optional":true }, "force":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Ignore the next renewal time and force to renew cert", "optional":true }, "staging":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Run ACME operation with staging server. Due to CA rate limit, A10 strongly recommends you set this during test", "optional":true }, "log-level":{ "type":"number", "format":"number", "minimum":1, "maximum":2, "default":1, "partition-visibility":"shared", "description":"Level for logging output of ACME commands(default 1 and detailed 2, including debug messages)", "optional":true }, "renew-before":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not":"renew-every", "description":"Specify interval before certificate expiry to renew the certificate", "optional":true }, "renew-before-type":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'hour': Number of hours before cert expiry; 'day': Number of days before cert expiry; 'week': Number of weeks before cert expiry; 'month': Number of months before cert expiry(1 month=30 days); ", "enum":[ "hour", "day", "week", "month" ], "optional":true }, "renew-before-value":{ "type":"number", "format":"number", "minimum":1, "maximum":255, "partition-visibility":"shared", "description":"Value of renewal period", "optional":true }, "renew-every":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not":"renew-before", "description":"Specify periodic interval in which to renew the certificate", "optional":true }, "minute":{ "type":"number", "format":"number", "minimum":2, "maximum":255, "partition-visibility":"shared", "not":"renew-every-type", "description":"Periodic interval in minutes", "optional":true }, "renew-every-type":{ "type":"string", "format":"enum", "partition-visibility":"shared", "not":"minute", "description":"'hour': Periodic interval in hours; 'day': Periodic interval in days; 'week': Periodic interval in weeks; 'month': Periodic interval in months(1 month=30 days); ", "enum":[ "hour", "day", "week", "month" ], "optional":true }, "renew-every-value":{ "type":"number", "format":"number", "minimum":1, "maximum":255, "partition-visibility":"shared", "description":"Value of renewal period", "optional":true }, "cert-type":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Specify the type of certificate", "optional":true }, "rsa-type":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not":"ecdsa-type", "description":"RSA certificate (default)", "optional":true }, "ecdsa-type":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not":"rsa-type", "description":"ECDSA certificate", "optional":true }, "rsa-key-length":{ "type":"string", "format":"enum", "default":"2048", "partition-visibility":"shared", "description":"'2048': Key size 2048 bits(default); '3072': Key size 3072 bits; '4096': Key size 4096 bits; '8192': Key size 8192 bits; ", "enum":[ "2048", "3072", "4096", "8192" ], "optional":true }, "ec-key-length":{ "type":"string", "format":"enum", "default":"384", "partition-visibility":"shared", "description":"'256': Key size 256 bits; '384': Key size 384 bits(default); ", "enum":[ "256", "384" ], "optional":true }, "email":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":64, "partition-visibility":"shared", "description":"A valid email address for your ACME account. CA uses this email to send you expiration or other notices", "optional":true }, "vrid":{ "type":"number", "format":"number", "minimum":0, "maximum":31, "partition-visibility":"shared", "description":"Specify ha VRRP-A vrid. It is used to sync http-01 challenge token", "optional":true }, "eab-key-id":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":256, "partition-visibility":"shared", "description":"The key identifier for ACME External Account Binding", "optional":true }, "eab-hmac-key":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"The HMAC key for ACME External Account Binding", "optional":true }, "secret-string":{ "type":"string", "format":"password", "minLength":1, "maxLength":256, "partition-visibility":"shared", "description":"The HMAC key for ACME External Account Binding", "optional":true }, "encrypted":{ "type":"encrypted", "format":"encrypted", "partition-visibility":"shared", "description":"Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED secret string)", "optional":true }, "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object", "optional":true }, "user-tag":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "description":"Customized tag", "optional":true } }, "object-keys":[ "name" ], "required":[ "name" ] }