GET /config/certificates/end_certificates/{id}
Gets information about a specific deployed certificate, as specified the certificate ID.
Gets information about a specific deployed certificate, which is identified by its ID.
You must have System Administrator, Security Administrator, Manage Log Sources, or WinCollect permissions to use this endpoint.
MIME Type |
---|
application/json |
Parameter | Type | Optionality | Data Type | MIME Type | Description |
---|---|---|---|---|---|
id |
path |
Required |
Number (Integer) |
text/plain |
Required. The ID of the certificate to get. |
fields |
query |
Optional |
String |
text/plain |
Optional - Use this parameter to specify which fields you would like to get back in the response. Fields that are not named are excluded. Specify subfields in brackets and multiple fields in the same object are separated by commas. |
HTTP Response Code | Unique Code | Description |
---|---|---|
404 |
1002 |
No certificate exists with this ID. |
500 |
1020 |
null |
500 |
2035 |
null |
Response Description
The Certificate resource that was uploaded and deployed.
Non-administrative users see only the certificate name and ID. All other fields appear as 'null'.
The Certificate resource is returned with the following fields:- id - The certificate resource ID.
- name - A unique name that identifies the certificate.
- purpose - The intended use of the certificate.
- subject - Returns the Subject of the certificate.
- issuer - Returns the Issuer of the certificate.
- not_before - Returns the "Validity Not Before" value of the certificate, represented as the number of milliseconds since UNIX Epoch.
- expiry - Returns the "Validity Not After" field of the certificate, represented as the number of milliseconds since UNIX epoch.
- serial_number - Returns the "Serial Number" field of the certificate.
- key_usage - Returns the "Key Usage" field of the certificate. The values are one or more of the enum X509Certificate.KeyUsage
- CRL_SIGN
- DATA_ENCIPHERMENT
- DECIPHER_ONLY
- DIGITAL_SIGNATURE
- ENCIPHER_ONLY
- KEY_AGREEMENT
- KEY_CERT_SIGN
- KEY_ENCIPHERMENT
- NON_REPUDIATION
- extended_key_usage - Returns the "Extended Key Usage" field of the certificate. The values are one or more of:
- TLS_Web_server_authentication
- TLS_Web_client_authentication
- Email_protection
- certificate_revocation_list_distribution_point - Returns the "CRL Distribution Points" field of the certificate
- password - Returns the password that is used to encrypt the private key. This value is always null in the response.
- component_id - Returns the assigned component ID of the certificate.
- validation -Returns the code to indicate whether the certificate is valid. If not, it returns the reason that the certificate is not valid.
- -1 - The certificate has not been validated.
- 0 - The certificate is valid or has not been checked .
- 2001 - Error parsing a certificate.
- 2002 - Error decoding a certificate.
- 2003 - The certificate is expired.
- 2004 - The certificate is not yet valid.
- 2005 - The certificate is revoked.
- 2010 - An unexpected error occurred when processing a certificate.
- 2011 - Error finding the issuer certificates.
- 2012 - The certificate's key usage or extended key usage does not match its purpose.
- 2013 - Error validating the full chain of the certificate.
- 2014 - The certificate is an invalid self-signed certificate.
- 2020 - The CRL is invalid.
- 2030 - Unexpected error when processing the CRL.
- 2031 - Error finding the issuer certificates for the CRL.
- 2032 - The issuer does not have the CRL sign usage.
- 2033 - Error validating the CRL.
- 2034 - The CRL is expired.
Response Sample
{
"ca_chain_file": "String",
"cert_file": "String",
"certificate_revocation_list_distribution_point": "String",
"component_id": 42,
"component_name": "String",
"csr_id": 42,
"expiry": 42,
"extended_key_usage": [
"String <one of: TLS_Web_server_authentication, TLS_Web_client_authentication, Email_protection>"
],
"id": 42,
"issuer": [
{
"field_name": "String",
"value": "String"
}
],
"key_file": "String",
"key_password": "String",
"key_usage": [
"String <one of: CRL_SIGN, DATA_ENCIPHERMENT, DECIPHER_ONLY, DIGITAL_SIGNATURE, ENCIPHER_ONLY, KEY_AGREEMENT, KEY_CERT_SIGN, KEY_ENCIPHERMENT, NON_REPUDIATION>"
],
"name": "String",
"not_before": 42,
"purpose": "String",
"serial_number": "String",
"status": "String",
"subject": [
{
"field_name": "String",
"value": "String"
}
],
"validation": 42
}