Updated on 2024-11-15 GMT+08:00

Updating Certificate Information of a VPN Gateway

Function

This API is used to update the certificate information of a tenant's VPN gateway of the GM specification, including the certificate name, signature certificate, signature private key, encryption certificate, encryption private key, and CA certificate chain.

Calling Method

For details, see Calling APIs.

URI

PUT /v5/{project_id}/vpn-gateways/{vgw_id}/certificate/{certificate_id}

Table 1 Parameter in a request

Parameter

Type

Description

project_id

String

Specifies a project ID.

vgw_id

String

Specifies the ID of a VPN gateway instance.

certificate_id

String

Specifies the certificate ID of a VPN gateway.

Request

  • Request parameters
    Table 2 UpdateVpnGatewayCertificateRequestBody

    Parameter

    Type

    Mandatory

    Description

    certificate

    UpdateVpnGatewayCertificateRequestBodyContent object

    Yes

    Specifies the VPN gateway certificate object.

    Table 3 UpdateVpnGatewayCertificateRequestBodyContent

    Parameter

    Type

    Mandatory

    Description

    name

    String

    No

    • Specifies the certificate name of a VPN gateway.
    • The value is a string of 3 to 63 characters, which can contain digits, letters, underscores (_), hyphens (-), and periods (.).

    certificate

    String

    No

    • Specifies the content of the SM signature certificate. This parameter is optional if only the certificate name is to be updated.
    • The value is a string of 1 to 4096 characters.

    private_key

    String

    No

    • Specifies the private key of the SM signature certificate. This parameter is optional if only the certificate name is to be updated.
    • The value is a string of 1 to 4096 characters.

    certificate_chain

    String

    No

    • Specifies the content of the CA certificate. This parameter is optional if only the certificate name is to be updated.
    • The value is a string of 1 to 8192 characters.

    enc_certificate

    String

    No

    • Specifies the content of the SM encryption certificate. This parameter is optional if only the certificate name is to be updated.
    • The value is a string of 1 to 4096 characters.

    enc_private_key

    String

    No

    • Specifies the private key of the SM encryption certificate. This parameter is optional if only the certificate name is to be updated.
    • The value is a string of 1 to 4096 characters.
  • Example request
    POST https://{Endpoint}/v5/{project_id}/vpn-gateways/{vgw_id}/certificate/{certificate_id}
    
    {
        "certificate": {
            "name": "cert-dce7",
            "certificate": "-----BEGIN CERTIFICATE-----******-----END CERTIFICATE-----",
            "private_key": "-----BEGIN EC PRIVATE KEY-----*******-----END EC PRIVATE KEY-----",
            "enc_certificate": "-----BEGIN CERTIFICATE-----********-----END CERTIFICATE-----",
            "enc_private_key": "-----BEGIN EC PRIVATE KEY-----********-----END EC PRIVATE KEY-----",
            "certificate_chain": "-----BEGIN CERTIFICATE-----******-----END CERTIFICATE-----"
        }
    }

Response

  • Response parameters

    Returned status code 200: successful operation

    Table 4 Parameters in the response body

    Parameter

    Type

    Description

    certificate

    VpnGatewayCertificateConfig object

    Specifies the VPN gateway certificate object.

    request_id

    String

    Specifies a request ID.

    Table 5 VpnGatewayCertificateConfig

    Parameter

    Type

    Description

    id

    String

    • Specifies the certificate ID of a VPN gateway.
    • The value is a UUID containing 36 characters.

    name

    String

    • Specifies the certificate name of a VPN gateway.
    • The value is a string of 3 to 63 characters, which can contain digits, letters, underscores (_), and hyphens (-).

    vgw_id

    String

    • Specifies a VPN gateway ID.
    • The value is a UUID containing 36 characters.

    issuer

    String

    • Specifies the issuer of the SM signature certificate.
    • The value is a string of 1 to 256 characters.

    signature_algorithm

    String

    • Specifies the signature algorithm of the SM signature certificate.
    • The value is a string of 1 to 64 characters.

    certificate_serial_number

    String

    • Specifies the serial number of the SM signature certificate.
    • The value is a string of 1 to 64 characters.

    certificate_subject

    String

    • Specifies the subject of the SM signature certificate.
    • The value is a string of 1 to 256 characters.

    certificate_expire_time

    String

    • Specifies the time when the SM signature certificate expires.

    certificate_chain_serial_number

    String

    • Specifies the serial number of the SM CA certificate.
    • The value is a string of 1 to 64 characters.

    certificate_chain_subject

    String

    • Specifies the subject of the SM CA certificate.
    • The value is a string of 1 to 256 characters.

    certificate_chain_expire_time

    String

    • Specifies the time when the SM CA certificate expires.

    enc_certificate_serial_number

    String

    • Specifies the serial number of the SM encryption certificate.
    • The value is a string of 1 to 64 characters.

    enc_certificate_subject

    String

    • Specifies the subject of the SM encryption certificate.
    • The value is a string of 1 to 256 characters.

    enc_certificate_expire_time

    String

    • Specifies the time when the SM encryption certificate expires.

    created_at

    String

    • Specifies the creation time.
  • Example response
    {
        "certificate": {
            "id": "73f072d8-demo-a8df-va86-2a755d95636f",
            "name": "cert-dce7",
            "vgw_id": "c7f1d3e3-0476-4a71-95a7-3ce8cbb969de",
            "issuer": "C=CN,ST=Beijing,L=HaiDian,O=GMCert.org,CN=GMCert GM Root CA - 01",
            "signature_algorithm": "SM3WITHSM2",
            "certificate_serial_number": "16548506527294397241",
            "certificate_subject": "C=CN,ST=beijing,L=beijing,O=huawei,OU=vpn,CN=hwcloud-vpn",
            "certificate_expire_time": "2024-02-20T15:41:39+08:00",
            "certificate_chain_serial_number": "12369133709000538078",
            "certificate_chain_subject": "C=CN,ST=Beijing,L=HaiDian,O=GMCert.org,CN=GMCert GM Root CA - 01",
            "certificate_chain_expire_time": "2039-07-11T20:31:33+08:00",
            "enc_certificate_serial_number": "16548506527294397242",
            "enc_certificate_subject": "C=CN,ST=beijing,L=beijing,O=huawei,OU=vpn,CN=hwcloud-vpn",
            "enc_certificate_expire_time": "2024-02-20T15:43:26+08:00",
            "created_at": "2023-03-30T10:47:16.657+08:00"
        }
    }

Status Codes

For details, see Status Codes.