Help Center/ Server Migration Service/ API Reference/ API/ Key Management/ Obtaining an SSL Certificate and Private Key
Updated on 2026-01-27 GMT+08:00
View PDF

Obtaining an SSL Certificate and Private Key

Function

If the block-level migration method is used, the Agent installed on the source server communicates with the target server through an SSL socket. This API is used to download the certificate and private key (in PEM format) required for data migration.

Calling Method

For details, see Calling APIs.

URI

GET /v3/tasks/{task_id}/certkey

Table 1 Path Parameters

Parameter

Mandatory

Type

Description

task_id

Yes

String

The migration task ID.

Minimum: 1

Maximum: 36
Table 2 Query Parameters

Parameter

Mandatory

Type

Description

enable_ca_cert

No

Boolean

This API is used to indicate whether to generate a CA certificate.

Default: false

Request Parameters

Table 3 Request header parameters

Parameter

Mandatory

Type

Description

X-Auth-Token

Yes

String

User token.

The token can be obtained by calling the IAM API for obtaining a user token. The value of X-Subject-Token in the response header is the user token.

Minimum: 1

Maximum: 16384

Response Parameters

Status code: 200

Table 4 Response body parameters

Parameter

Type

Description

cert

String

The source certificate.

Minimum: 1

Maximum: 1048576

private_key

String

The source private key.

Minimum: 1

Maximum: 1048576

ca

String

The CA certificate.

Minimum: 1

Maximum: 1048576

target_mgmt_cert

String

The certificate of the target server for migration task management.

Minimum: 1

Maximum: 1048576

target_mgmt_private_key

String

The private key of the target server for migration task management.

Minimum: 1

Maximum: 1048576

target_data_cert

String

The certificate of the target server for data migration.

Minimum: 1

Maximum: 1048576

target_data_private_key

String

The private key of the target server for data migration.

Minimum: 1

Maximum: 1048576

Status code: 400

Table 5 Response body parameters

Parameter

Type

Description

error_code

String

The error code.

Minimum: 0

Maximum: 255

error_msg

String

The error message.

Minimum: 0

Maximum: 1024

Status code: 401

Table 6 Response body parameters

Parameter

Type

Description

error_code

String

The error code.

Minimum: 0

Maximum: 255

error_msg

String

The error message.

Minimum: 0

Maximum: 1024

Status code: 403

Table 7 Response body parameters

Parameter

Type

Description

error_code

String

The error code.

Minimum: 0

Maximum: 255

error_msg

String

The error message.

Minimum: 0

Maximum: 255

encoded_authorization_message

String

The encrypted authorization information.

Minimum: 0

Maximum: 65535

error_param

Array of strings

Error parameters.

Minimum: 0

Maximum: 65535

Array Length: 1 - 20

details

Array of details objects

The error details.

Array Length: 1 - 20
Table 8 details

Parameter

Type

Description

error_code

String

The SMS error code.

Minimum: 0

Maximum: 65535

error_msg

String

The SMS error message.

Minimum: 0

Maximum: 65535

Status code: 404

Table 9 Response body parameters

Parameter

Type

Description

error_code

String

The error code.

Minimum: 0

Maximum: 255

error_msg

String

The error message.

Minimum: 0

Maximum: 1024

Status code: 500

Table 10 Response body parameters

Parameter

Type

Description

error_code

String

The error code.

Minimum: 0

Maximum: 255

error_msg

String

The error message.

Minimum: 0

Maximum: 1024

Example Requests

This example obtains the certificate and private key required for a migration task.

GET https://{endpoint}/v3/tasks/{task_id}/certkey?enable_ca_cert=true

Example Responses

Status code: 200

Obtaining an SSL certificate and private key succeeded.

{
  "ca" : "-----BEGIN CERTIFICATE-----\n********************************\n-----END CERTIFICATE-----",
  "cert" : "-----BEGIN CERTIFICATE-----\n********************************\n-----END CERTIFICATE-----",
  "private_key" : "-----BEGIN RSA PRIVATE KEY-----\n********************************\n-----END RSA PRIVATE KEY-----",
  "target_mgmt_cert" : "-----BEGIN CERTIFICATE-----\n********************************\n-----END CERTIFICATE-----",
  "target_mgmt_private_key" : "-----BEGIN RSA PRIVATE KEY-----\n********************************\n-----END RSA PRIVATE KEY-----",
  "target_data_cert" : "-----BEGIN CERTIFICATE-----\n********************************\n-----END CERTIFICATE-----",
  "target_data_private_key" : "-----BEGIN RSA PRIVATE KEY-----\n********************************\n-----END RSA PRIVATE KEY-----"
}

Status code: 403

Authentication failed.

{
  "error_code" : "SMS.9004",
  "error_msg" : "The current account does not have the permission to execute policy. You do not have permission to perform action XXX on resource XXX.",
  "encoded_authorization_message" : "XXXXXX",
  "error_param" : [ "You do not have permission to perform action XXX on resource XXX." ],
  "details" : [ {
    "error_code" : "SMS.9004",
    "error_msg" : "You do not have permission to perform action XXX on resource XXX."
  } ]
}

Status Codes

Status Code

Description

200

Obtaining an SSL certificate and private key succeeded.

400

Bad Request

401

Unauthorized

403

Authentication failed.

404

Not Found

500

Internal Server Error

Error Codes

See Error Codes.

Parent topic: Key Management