GET /staged_config/certificates/root_certificates/{id}

Gets details of an uploaded root certificate, as specified by the ID. You must have System Administrator or Security Administrator permissions to use this endpoint.

Table 1. GET /staged_config/certificates/root_certificates/{id} resource details
MIME Type

application/json

Table 2. GET /staged_config/certificates/root_certificates/{id} request parameter details
Parameter Type Optionality Data Type MIME Type Description

id

path

Required

String

text/plain

Required. The ID of the certificate to retrieve.

fields

query

Optional

String

text/plain

Optional - Use this parameter to specify which fields you would like to get back in the response. Fields that are not named are excluded. Specify subfields in brackets and multiple fields in the same object are separated by commas.

Table 3. GET /staged_config/certificates/root_certificates/{id} response codes
HTTP Response Code Unique Code Description

404

1002

No certificate exists with this ID.

500

1020

null

Response Description

Displays the following information about the certificate resource:
  • id - Uniquely identifies the certificate. This value is derived from subject_key_id.
  • subject_key_id - Returns the Subject Key Identifier of the CA certificate.
  • authority_key_id - Returns the Authority Key Identifier of the CA certificate.
  • subject - Returns the Subject of the CA certificate.
  • issuer - Returns the Issuer of the CA certificate.
  • not_before - Returns the "Validity Not Before" field of the certificate, represented as the number of milliseconds since UNIX epoch.
  • expiry - Returns the "Validity Not After" field of the certificate, represented as the number of milliseconds since UNIX epoch.
  • status - Returns the status of the certificate. After you upload the certificate, one of the following values is shown:
    • DEPLOY_PENDING indicates that the changes must be deployed.
    • DEPLOYED indicates that the certificate was uploaded and the changes were deployed.
    • DELETE_PENDING indicates that the certificate was deployed, but will be deleted pending the next deployment.
  • validation - Returns the code to indicate whether the certificate is valid. If not, it returns the reason that the certificate is not valid.

    • -1 - Certificate has not been validated.
    • 0 - Certificate is valid or has not been checked.
    • 2001 - Error parsing a certificate.
    • 2002 - Error decoding a certificate.
    • 2003 - The certificate is expired.
    • 2004 - The certificate is not yet valid.
    • 2005 - The certificate is revoked.
    • 2010 - An unexpected error occurred when processing a certificate.
    • 2011 - Error finding the issuer certificates.
    • 2012 - The certificate's key usage or extended key usage does not match its purpose.
    • 2013 - Error validating the full chain of the certificate.
    • 2014 - The certificate is an invalid self-signed certificate.
    • 2020 - The CRL is invalid.
    • 2030 - Unexpected error when processing the CRL.
    • 2031 - Error finding the issuer certificates for the CRL.
    • 2032 - The issuer does not have the CRL sign usage.
    • 2033 - Error validating the CRL.
    • 2034 - The CRL is expired.

Response Sample


{
    "authority_key_id": "String",
    "expiry": 42,
    "id": "String",
    "issuer": [
        {
            "field_name": "String",
            "value": "String"
        }
    ],
    "not_before": 42,
    "status": "String",
    "subject": [
        {
            "field_name": "String",
            "value": "String"
        }
    ],
    "subject_key_id": "String",
    "validation": 42
}