pki acme-cert¶
ACME Certificate enrollment object
acme-cert Specification¶
Parameter Value Type Collection Object Key(s) name Collection Name acme-cert-list Collection URI /axapi/v3/pki/acme-cert Element Name acme-cert Element URI /axapi/v3/pki/acme-cert/{name} Element Attributes acme-cert_attributes Partition Visibility shared Schema acme-cert schema
Operations Allowed:
Operation | Method | URI | Payload | |
---|---|---|---|---|
Create Object | POST | /axapi/v3/pki/acme-cert | ||
Create List | POST | /axapi/v3/pki/acme-cert | ||
Get Object | GET | /axapi/v3/pki/acme-cert/{name} | ||
Get List | GET | /axapi/v3/pki/acme-cert | ||
Modify Object | POST | /axapi/v3/pki/acme-cert/{name} | ||
Replace Object | PUT | /axapi/v3/pki/acme-cert/{name} | ||
Replace List | PUT | /axapi/v3/pki/acme-cert | ||
Delete Object | DELETE | /axapi/v3/pki/acme-cert/{name} |
acme-cert-list¶
acme-cert-list is JSON List of acme-cert attributes
acme-cert-list : [
]
acme-cert attributes¶
cert-type
Description Specify the type of certificate
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
domain
Description Main domain you want to issue the cert for. CA will verify whether you control this domain
Type: string
Format: string-rlx
Maximum Length: 64 characters
Maximum Length: 1 characters
eab-hmac-key
Description The HMAC key for ACME External Account Binding
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
eab-key-id
Description The key identifier for ACME External Account Binding
Type: string
Format: string-rlx
Maximum Length: 256 characters
Maximum Length: 1 characters
ec-key-length
Description ‘256’: Key size 256 bits; ‘384’: Key size 384 bits(default);
Type: string
Supported Values: 256, 384
Default: 384
ecdsa-type
Description ECDSA certificate
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: ecdsa-type and rsa-type are mutually exclusive
Description A valid email address for your ACME account. CA uses this email to send you expiration or other notices
Type: string
Format: string-rlx
Maximum Length: 64 characters
Maximum Length: 1 characters
encrypted
Description Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED secret string)enroll
Description Initiates enrollment with CA. Due to CA rate limit, A10 strongly recommend you set “run-with-staging-server” during test
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
force
Description Ignore the next renewal time and force to renew cert
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
log-level
Description Level for logging output of ACME commands(default 1 and detailed 2, including debug messages)
Type: number
Range: 1-2
Default: 1
minute
Description Periodic interval in minutes
Type: number
Range: 2-255
Mutual Exclusion: minute and renew-every-type are mutually exclusive
name
Description Specify Certificate name to be enrolled
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
renew-before
Description Specify interval before certificate expiry to renew the certificate
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: renew-before and renew-every are mutually exclusive
renew-before-type
Description ‘hour’: Number of hours before cert expiry; ‘day’: Number of days before cert expiry; ‘week’: Number of weeks before cert expiry; ‘month’: Number of months before cert expiry(1 month=30 days);
Type: string
Supported Values: hour, day, week, month
renew-before-value
Description Value of renewal period
Type: number
Range: 1-255
renew-every
Description Specify periodic interval in which to renew the certificate
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: renew-every and renew-before are mutually exclusive
renew-every-type
Description ‘hour’: Periodic interval in hours; ‘day’: Periodic interval in days; ‘week’: Periodic interval in weeks; ‘month’: Periodic interval in months(1 month=30 days);
Type: string
Supported Values: hour, day, week, month
Mutual Exclusion: renew-every-type and minute are mutually exclusive
renew-every-value
Description Value of renewal period
Type: number
Range: 1-255
rsa-key-length
Description ‘2048’: Key size 2048 bits(default); ‘3072’: Key size 3072 bits; ‘4096’: Key size 4096 bits; ‘8192’: Key size 8192 bits;
Type: string
Supported Values: 2048, 3072, 4096, 8192
Default: 2048
rsa-type
Description RSA certificate (default)
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
Mutual Exclusion: rsa-type and ecdsa-type are mutually exclusive
san-domain
Description Subject-alternate-name dns(s) for your cert, sperated by /
Type: string
Format: string-rlx
Maximum Length: 2048 characters
Maximum Length: 1 characters
secret-string
Description The HMAC key for ACME External Account Binding
Type: string
Format: password
Maximum Length: 256 characters
Maximum Length: 1 characters
staging
Description Run ACME operation with staging server. Due to CA rate limit, A10 strongly recommends you set this during test
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
staging-url
Description ACME staging directory URL. By default, use Let’s encrypt as CA server
Type: string
Format: string-rlx
Maximum Length: 255 characters
Maximum Length: 1 characters
url
Description ACME directory URL. By default, use Let’s encrypt as CA server
Type: string
Format: string-rlx
Maximum Length: 255 characters
Maximum Length: 1 characters
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
vrid
Description Specify ha VRRP-A vrid. It is used to sync http-01 challenge token
Type: number
Range: 0-31