pki scep-cert

SCEP Certificate enrollment object

scep-cert Specification

Parameter Value
Type Collection
Object Key(s) name
Collection Name scep-cert-list
Collection URI /axapi/v3/pki/scep-cert
Element Name scep-cert
Element URI /axapi/v3/pki/scep-cert/{name}
Element Attributes scep-cert_attributes
Partition Visibility shared
Schema scep-cert schema

Operations Allowed:

OperationMethodURIPayload

Create Object

POST

/axapi/v3/pki/scep-cert

scep-cert attributes

Create List

POST

/axapi/v3/pki/scep-cert

scep-cert attributes

Get Object

GET

/axapi/v3/pki/scep-cert/{name}

scep-cert attributes

Get List

GET

/axapi/v3/pki/scep-cert

scep-cert-list

Modify Object

POST

/axapi/v3/pki/scep-cert/{name}

scep-cert attributes

Replace Object

PUT

/axapi/v3/pki/scep-cert/{name}

scep-cert attributes

Replace List

PUT

/axapi/v3/pki/scep-cert

scep-cert-list

Delete Object

DELETE

/axapi/v3/pki/scep-cert/{name}

scep-cert attributes

scep-cert-list

scep-cert-list is JSON List of scep-cert attributes

scep-cert-list : [

scep-cert attributes

days

Description Validity of self-signed certificate (default 1825)

Type: number

Range: 1-3650

Default: 1825

dn

Description Specify the Distinguished-Name to use while enrolling the certificate (Format: “cn=user, dc=example, dc=com”)

Type: string

Format: string-rlx

Maximum Length: 127 characters

Maximum Length: 1 characters

encrypted

Description Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED secret string)

end-date

Description End date of self-signed certificate in YYMMDDHHMMSS format specified in UTC time

Type: string

Maximum Length: 31 characters

Maximum Length: 1 characters

enroll

Description Initiates enrollment of device with the CA

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

interval

Description Interval time in seconds to poll when SCEP response is PENDING (default 5)

Type: number

Range: 1-3600

Default: 5

key-length

Description ‘1024’: Key size 1024 bits; ‘2048’: Key size 2048 bits(default); ‘4096’: Key size 4096 bits; ‘8192’: Key size 8192 bits;

Type: string

Supported Values: 1024, 2048, 4096, 8192

Default: 2048

log-level

Description level for logging output of scepclient commands(default 1 and detailed 4)

Type: number

Range: 1-4

Default: 1

max-polltime

Description Maximum time in seconds to poll when SCEP response is PENDING (default 180)

Type: number

Range: 15-432000

Default: 180

method

Description ‘GET’: GET request; ‘POST’: POST request;

Type: string

Supported Values: GET, POST

Default: GET

minute

Description Periodic interval in minutes

Type: number

Range: 2-255

Mutual Exclusion: minute and renew-every-type are mutually exclusive

name

Description Specify Certificate name to be enrolled

Type: string

Maximum Length: 63 characters

Maximum Length: 1 characters

password

Description Specify the password used to enroll the device’s certificate

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

renew-before

Description Specify interval before certificate expiry to renew the certificate

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: renew-before and renew-every are mutually exclusive

renew-before-type

Description ‘hour’: Number of hours before cert expiry; ‘day’: Number of days before cert expiry; ‘week’: Number of weeks before cert expiry; ‘month’: Number of months before cert expiry(1 month=30 days);

Type: string

Supported Values: hour, day, week, month

renew-before-value

Description Value of renewal period

Type: number

Range: 1-255

renew-every

Description Specify periodic interval in which to renew the certificate

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: renew-every and renew-before are mutually exclusive

renew-every-type

Description ‘hour’: Periodic interval in hours; ‘day’: Periodic interval in days; ‘week’: Periodic interval in weeks; ‘month’: Periodic interval in months(1 month=30 days);

Type: string

Supported Values: hour, day, week, month

Mutual Exclusion: renew-every-type and minute are mutually exclusive

renew-every-value

Description Value of renewal period

Type: number

Range: 1-255

secret-string

Description secret password

Type: string

Format: password

Maximum Length: 127 characters

Maximum Length: 1 characters

start-date

Description Start date of self-signed certificate in YYMMDDHHMMSS format specified in UTC time

Type: string

Maximum Length: 31 characters

Maximum Length: 1 characters

subject-alternate-name

Description: subject-alternate-name is a JSON Block. Please see below for subject-alternate-name

Type: Object

url

Description Specify the Enrollment Agent’s absolute URL (Format: http://host/path)

Type: string

Format: string-rlx

Maximum Length: 255 characters

Maximum Length: 1 characters

user-tag

Description Customized tag

Type: string

Format: string-rlx

Maximum Length: 127 characters

Maximum Length: 1 characters

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters

subject-alternate-name

Specification Value
Type object

san-type

Description ‘email’: Enter e-mail address of the subject; ‘dns’: Enter hostname of the subject; ‘ip’: Enter IP address of the subject;

Type: string

Supported Values: email, dns, ip

san-value

Description Value of subject-alternate-name

Type: string

Format: string-rlx

Maximum Length: 127 characters

Maximum Length: 1 characters