Create or update a certificate profile

Purpose

Creates or updates a certificate profile. A certificate profile is used by a security profile to define the server certificate that is used to control Transport Layer Security (TLS).

URI

Use the Eclipse Amlen REST API POST method with the following Eclipse Amlen configuration URI:

http://<admin-endpoint-IP:Port>/ima/v1/configuration/

Object configuration data

Provide CertificateProfile object configuration data in the payload of the POST method by using the following schema. Content-type is set to application/json: 


{    
  "CertificateProfile": {
    "<NameOfCertificateProfile>": {
      "Certificate": "string",
      "Key": "string",
      "CertFilePassword": "string",
      "KeyFilePassword": "string",
      "Overwrite": true|false
     }
   }
}
Where:
NameOfCertificateProfile
Required.
Specifies a name for the certificate profile.
The name must not have leading or trailing spaces and cannot contain control characters, commas, double quotation marks, backslashes, or equal signs. The first character must not be a number or any of the following special characters:
! # $ % & ' ( ) * + - . / : ; < > ? @
The maximum length of the name is 256 characters.
After the profile is created, this name cannot be changed.
Certificate
Required if you are creating a certificate profile.
Specifies the name of the server certificate.
If you update the value of Certificate, ensure that you also update the value of Key.
Key
Required if you are creating a certificate profile.
Specifies the name of the private key.
If you update the value of Key, ensure that you also update the value of Certificate.
CertFilePassword
Specifies the server certificate password, if any.
KeyFilePassword
Specifies the private key password, if any.
Overwrite: true|false
Specifies whether an existing certificate and key are overwritten if they have the same name.
The default value is false which means that an existing certificate and key are not overwritten if they have the same name.

Usage NotesĀ®

  • If you enable TLS, you must create the certificate profile before you create the security profile.
  • The server certificate and private key must be copied to Eclipse Amlen before they can be used in a certificate profile. Copy a file from the local machine to Eclipse Amlen command to copy the certificate and key.
  • The certificate must be a pem format certificate.
  • If you need to replace a certificate, for example if the certificate is due to expire, you can upload a new certificate and associate it with the certificate profile that references the certificate that you need to replace. Overwrite must be set to true in the payload when you replace a certificate.
  • Capitalization and double quotation marks must be used as shown.

Related REST Administration APIs

Example

Creates and applies a certificate profile called "MyCertificateProfile" by using cURL:
  
curl -X POST \
   -H 'Content-Type: application/json'  \
   -d  '{ 
           "CertificateProfile": {
            "MyCertificateProfile": {
             "Certificate": "exampleCert.pem",
             "Key": "exampleKey.pem"
           }
         }
       }
 '  \
http://127.0.0.1:9089/ima/v1/configuration/
An example response to the POST method:

{        
  "Version": "v1",
  "Code": "CWLNA6011",
  "Message": "The requested configuration change has completed successfully."
}