.. _pki_scep_cert: pki scep-cert ============= SCEP Certificate enrollment object scep-cert Specification ----------------------- ===================================== ============================================================= **Parameter** **Value** ===================================== ============================================================= **Type** *Collection* **Object Key(s)** *name* **Collection Name** :ref:`2441_scep-cert_list` **Collection URI** /axapi/v3/pki/scep-cert **Element Name** scep-cert **Element URI** /axapi/v3/pki/scep-cert/{name} **Element Attributes** scep-cert_attributes **Partition Visibility** shared **Schema** :download:`scep-cert schema ` ===================================== ============================================================= **Operations Allowed:** .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html

Operation	Method	URI	Payload
Create Object .. raw:: html	POST .. raw:: html	/axapi/v3/pki/scep-cert .. raw:: html	:ref:`2441_scep-cert_attributes` .. raw:: html
Create List .. raw:: html	POST .. raw:: html	/axapi/v3/pki/scep-cert .. raw:: html	:ref:`2441_scep-cert_attributes` .. raw:: html
Get Object .. raw:: html	GET .. raw:: html	/axapi/v3/pki/scep-cert/{name} .. raw:: html	:ref:`2441_scep-cert_attributes` .. raw:: html
Get List .. raw:: html	GET .. raw:: html	/axapi/v3/pki/scep-cert .. raw:: html	:ref:`2441_scep-cert_list` .. raw:: html
Modify Object .. raw:: html	POST .. raw:: html	/axapi/v3/pki/scep-cert/{name} .. raw:: html	:ref:`2441_scep-cert_attributes` .. raw:: html
Replace Object .. raw:: html	PUT .. raw:: html	/axapi/v3/pki/scep-cert/{name} .. raw:: html	:ref:`2441_scep-cert_attributes` .. raw:: html
Replace List .. raw:: html	PUT .. raw:: html	/axapi/v3/pki/scep-cert .. raw:: html	:ref:`2441_scep-cert_list` .. raw:: html
Delete Object .. raw:: html	DELETE .. raw:: html	/axapi/v3/pki/scep-cert/{name} .. raw:: html	:ref:`2441_scep-cert_attributes` .. raw:: html

.. _2441_scep-cert_list: scep-cert-list -------------- scep-cert-list is **JSON List** of :ref:`2441_scep-cert_attributes` scep-cert-list : [ { :ref:`2441_scep-cert_attributes` }, { :ref:`2441_scep-cert_attributes` }, ... ] .. _2441_scep-cert_attributes: scep-cert attributes -------------------- **days** **Description** Validity of self-signed certificate (default 1825) **Type:** number **Range:** 1-3650 **Default:** 1825 **dn** **Description** Specify the Distinguished-Name to use while enrolling the certificate (Format: "cn=user, dc=example, dc=com") **Type:** string **Format:** string-rlx **Maximum Length:** 127 characters **Maximum Length:** 1 characters **encrypted** **Description** Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED secret string) **end-date** **Description** End date of self-signed certificate in YYMMDDHHMMSS format specified in UTC time **Type:** string **Maximum Length:** 31 characters **Maximum Length:** 1 characters **enroll** **Description** Initiates enrollment of device with the CA **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **interval** **Description** Interval time in seconds to poll when SCEP response is PENDING (default 5) **Type:** number **Range:** 1-3600 **Default:** 5 **key-length** **Description** '1024': Key size 1024 bits; '2048': Key size 2048 bits(default); '4096': Key size 4096 bits; '8192': Key size 8192 bits; **Type:** string **Supported Values:** 1024, 2048, 4096, 8192 **Default:** 2048 **log-level** **Description** level for logging output of scepclient commands(default 1 and detailed 4) **Type:** number **Range:** 1-4 **Default:** 1 **max-polltime** **Description** Maximum time in seconds to poll when SCEP response is PENDING (default 180) **Type:** number **Range:** 15-432000 **Default:** 180 **method** **Description** 'GET': GET request; 'POST': POST request; **Type:** string **Supported Values:** GET, POST **Default:** GET **minute** **Description** Periodic interval in minutes **Type:** number **Range:** 2-255 **Mutual Exclusion:** minute and renew-every-type are mutually exclusive **name** **Description** Specify Certificate name to be enrolled **Type:** string **Maximum Length:** 63 characters **Maximum Length:** 1 characters **password** **Description** Specify the password used to enroll the device's certificate **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **renew-before** **Description** Specify interval before certificate expiry to renew the certificate **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **Mutual Exclusion:** renew-before and renew-every are mutually exclusive **renew-before-type** **Description** 'hour': Number of hours before cert expiry; 'day': Number of days before cert expiry; 'week': Number of weeks before cert expiry; 'month': Number of months before cert expiry(1 month=30 days); **Type:** string **Supported Values:** hour, day, week, month **renew-before-value** **Description** Value of renewal period **Type:** number **Range:** 1-255 **renew-every** **Description** Specify periodic interval in which to renew the certificate **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **Mutual Exclusion:** renew-every and renew-before are mutually exclusive **renew-every-type** **Description** 'hour': Periodic interval in hours; 'day': Periodic interval in days; 'week': Periodic interval in weeks; 'month': Periodic interval in months(1 month=30 days); **Type:** string **Supported Values:** hour, day, week, month **Mutual Exclusion:** renew-every-type and minute are mutually exclusive **renew-every-value** **Description** Value of renewal period **Type:** number **Range:** 1-255 **secret-string** **Description** secret password **Type:** string **Format:** password **Maximum Length:** 127 characters **Maximum Length:** 1 characters **start-date** **Description** Start date of self-signed certificate in YYMMDDHHMMSS format specified in UTC time **Type:** string **Maximum Length:** 31 characters **Maximum Length:** 1 characters **subject-alternate-name** **Description:** subject-alternate-name is a **JSON Block**. Please see below for :ref:`2441_subject-alternate-name` **Type:** Object **url** **Description** Specify the Enrollment Agent's absolute URL (Format: http://host/path) **Type:** string **Format:** string-rlx **Maximum Length:** 255 characters **Maximum Length:** 1 characters **user-tag** **Description** Customized tag **Type:** string **Format:** string-rlx **Maximum Length:** 127 characters **Maximum Length:** 1 characters **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters .. _2441_subject-alternate-name: subject-alternate-name ^^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *object* =============================== =================================================== **san-type** **Description** 'email': Enter e-mail address of the subject; 'dns': Enter hostname of the subject; 'ip': Enter IP address of the subject; **Type:** string **Supported Values:** email, dns, ip **san-value** **Description** Value of subject-alternate-name **Type:** string **Format:** string-rlx **Maximum Length:** 127 characters **Maximum Length:** 1 characters