Help Center/ API Gateway/ API Reference/ Dedicated Gateway APIs (V2)/ Domain Name Management/ Adding a Certificate to a Domain Name

Updated on 2024-11-11 GMT+08:00

Online Debugging

CLI Examples

View PDF

Adding a Certificate to a Domain Name

Function

When you create an API to be accessed through HTTPS, you must add an SSL certificate to the independent domain name that has been bound to the group the API belongs to.

For gateways with custom inbound ports, the same domain name is bound to a certificate at the same time. Enabling or disabling client verification takes effect for different ports of the same domain name.

This API is used to add a certificate to a specific domain name.

Calling Method

For details, see Calling APIs.

URI

POST /v2/{project_id}/apigw/instances/{instance_id}/api-groups/{group_id}/domains/{domain_id}/certificate

**Table 1** Path Parameters
Parameter	Mandatory	Type	Description
project_id	Yes	String	Project ID. For details about how to obtain it, see Obtaining a Project ID.
instance_id	Yes	String	Gateway ID, which can be obtained from the gateway information on the APIG console.
group_id	Yes	String	API group ID.
domain_id	Yes	String	Domain ID.

Request Parameters

**Table 2** Request header parameters
Parameter	Mandatory	Type	Description
X-Auth-Token	Yes	String	User token. It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token.

**Table 3** Request body parameters
Parameter	Mandatory	Type	Description
cert_content	Yes	String	Certificate content.
name	Yes	String	Certificate name. It can contain 4 to 50 characters, starting with a letter. Only letters, digits, and underscores (_) are allowed.
private_key	Yes	String	Private key.

Response Parameters

Status code: 201

**Table 4** Response body parameters
Parameter	Type	Description
url_domain	String	Custom domain name.
id	String	Domain ID.
status	Integer	CNAME resolution status. 1: not resolved 2: resolving 3: resolved 4: resolution failed
min_ssl_version	String	Minimum SSL version supported.
is_http_redirect_to_https	Boolean	Whether to enable HTTP redirection to HTTPS. The value false means disable and true means enable. The default value is false. Default: false
verified_client_certificate_enabled	Boolean	Whether to enable client certificate verification. This parameter is available only when a certificate is bound. It is enabled by default if trusted_root_ca exists, and disabled if trusted_root_ca does not exist. Default: false
ingress_http_port	Integer	Inbound HTTP port bound to the domain name. -1 indicates that no port is available and the protocol is not supported. In this case, you can use the default port 80. Other valid ports must be included in the HTTP inbound ports of the gateway. The value ranges from 1024 to 49151. When creating a domain name, if this parameter is not set, the default port 80 is used. If this parameter is set, https_port must be set. If both http_port and https_port need to use the default port, leave both parameters blank. If this parameter is not specified when you modify the domain name, the port number remains unchanged. Minimum: -1 Maximum: 49151
ingress_https_port	Integer	Inbound HTTPS port bound to the domain name. -1 indicates that no port is available and the protocol is not supported. In this case, you can use the default port 443. Other valid ports must be included in the HTTPS inbound ports of the gateway. The value ranges from 1024 to 49151. When creating a domain name, if this parameter is not set, the default port 443 is used. If this parameter is set, http_port must be set. If both http_port and https_port need to use the default port, leave both parameters blank. If this parameter is not specified when you modify the domain name, the port number remains unchanged. Minimum: -1 Maximum: 49151
ssl_name	String	Certificate name.
ssl_id	String	Certificate ID.
ssl_infos	Array of SslInfo objects	SSL certificate list.

**Table 5** SslInfo
Parameter	Type	Description
ssl_id	String	SSL certificate ID.
ssl_name	String	SSL certificate name.
algorithm_type	String	Certificate algorithm type: RSA ECC SM2
type	String	Certificate scope: instance global Default: global

Status code: 400

**Table 6** Response body parameters
Parameter	Type	Description
error_code	String	Error code.
error_msg	String	Error message.

Status code: 401

**Table 7** Response body parameters
Parameter	Type	Description
error_code	String	Error code.
error_msg	String	Error message.

Status code: 403

**Table 8** Response body parameters
Parameter	Type	Description
error_code	String	Error code.
error_msg	String	Error message.

Status code: 404

**Table 9** Response body parameters
Parameter	Type	Description
error_code	String	Error code.
error_msg	String	Error message.

Status code: 500

**Table 10** Response body parameters
Parameter	Type	Description
error_code	String	Error code.
error_msg	String	Error message.

Example Requests

Binding a certificate to a domain name

{
  "name" : "cert_demo",
  "private_key" : "'-----BEGIN PRIVATE KEY-----THIS IS YOUR PRIVATE KEY-----END PRIVATE KEY-----\\n'",
  "cert_content" : "'-----BEGIN CERTIFICATE-----THIS IS YOUR CERT CONTENT-----END CERTIFICATE-----\\n'"
}

Example Responses

Status code: 201

Created

{
  "ssl_name" : "cert_demo",
  "url_domain" : "www.example.com",
  "ssl_id" : "a27be832f2e9441c8127fe48e3b5ac67",
  "id" : " f6bb84ccf1c34035878aa51b7253b21c",
  "status" : 3
}

Status code: 400

Bad Request

{
  "error_code" : "APIG.2012",
  "error_msg" : "Invalid parameter value,parameterName:name. Please refer to the support documentation"
}

Status code: 401

Unauthorized

{
  "error_code" : "APIG.1002",
  "error_msg" : "Incorrect token or token resolution failed"
}

Status code: 403

Forbidden

{
  "error_code" : "APIG.1005",
  "error_msg" : "No permissions to request this method"
}

Status code: 404

Not Found

{
  "error_code" : "APIG.3020",
  "error_msg" : "The URL domain does not exist"
}

Status code: 500

Internal Server Error

{
  "error_code" : "APIG.9999",
  "error_msg" : "System error"
}

Status Codes

Status Code	Description
201	Created
400	Bad Request
401	Unauthorized
403	Forbidden
404	Not Found
500	Internal Server Error

Error Codes

See Error Codes.

Parent topic: Domain Name Management

Previous topic: Binding a Domain Name

Next topic: Modifying a Domain Name

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel

For any further questions, feel free to contact us through the chatbot.

Chatbot