Updated on 2023-06-29 GMT+08:00

Create an SSL certificate.

Function

Creating an SSL Certificate

URI

POST /v2/{project_id}/apic/certificates

Table 1 Path Parameters

Parameter

Mandatory

Type

Description

project_id

Yes

String

Project ID. For details about how to obtain the project ID, see Appendix > Obtaining a Project ID in the ROMA Connect API Reference.

Request Parameters

Table 2 Request header parameters

Parameter

Mandatory

Type

Description

X-Auth-Token

Yes

String

User token, which can be obtained by calling the IAM API (value of X-Subject-Token in the response header).

Table 3 Request body parameters

Parameter

Mandatory

Type

Description

name

Yes

String

Certificate name.

cert_content

Yes

String

Certificate content.

private_key

Yes

String

Private key.

type

No

String

Certificate scope.

Default: global

instance_id

No

String

Instance ID. Mandatory when type is set to instance.

trusted_root_ca

No

String

Trusted root certificate (CA).

algorithm_type

No

String

Certificate algorithm type. Options:

  • RSA

  • ECC

  • SM2

To be supported

cert_content_sign

No

String

Signature certificate content. Mandatory when algorithm_type is set to SM2.

To be supported

Maximum: 8092

private_key_sign

No

String

Signature key content. Mandatory when algorithm_type is set to SM2.

To be supported

Maximum: 8092

Response Parameters

Status code: 200

Table 4 Response body parameters

Parameter

Type

Description

id

String

Certificate ID.

name

String

Certificate name.

type

String

Certificate type. Options:

  • global: all certificates

  • instance: certificates of the current instance

instance_id

String

Instance ID.

  • type set to global: The default value is common.

  • type set to instance: The default value is the instance ID.

project_id

String

Project ID.

common_name

String

Domain name.

san

Array of strings

SAN.

not_after

String

Validity period end time.

signature_algorithm

String

Signature algorithm.

create_time

String

Creation time.

update_time

String

Update time.

algorithm_type

String

Certificate algorithm type. Options:

  • RSA

  • ECC

  • SM2

To be supported

is_has_trusted_root_ca

Boolean

Whether a trusted root certificate (CA) exists. The value is true if trusted_root_ca exists in the bound certificate.

Default: false

version

Integer

Version.

organization

Array of strings

Company/Organization.

organizational_unit

Array of strings

Department.

locality

Array of strings

City.

state

Array of strings

State/Province.

country

Array of strings

Country.

not_before

String

Validity period start time.

serial_number

String

Serial number.

issuer

Array of strings

Issuer.

Status code: 400

Table 5 Response body parameters

Parameter

Type

Description

error_code

String

Error code.

error_msg

String

Error description.

Status code: 401

Table 6 Response body parameters

Parameter

Type

Description

error_code

String

Error code.

error_msg

String

Error description.

Status code: 403

Table 7 Response body parameters

Parameter

Type

Description

error_code

String

Error code.

error_msg

String

Error description.

Status code: 404

Table 8 Response body parameters

Parameter

Type

Description

error_code

String

Error code.

error_msg

String

Error description.

Status code: 500

Table 9 Response body parameters

Parameter

Type

Description

error_code

String

Error code.

error_msg

String

Error description.

Example Requests

Example of the request body for creating an SSL certificate.

{
  "name" : "cert_demo",
  "private_key" : "'-----BEGIN CERTIFICATE-----\\nMIIEcDCCAtigAwIBAgIRAKUYqTtQbsPhVauuteGD8kMwDQYJKoZIhvcNAQELBQAw\\ngZMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTE0MDIGA1UECwwrQ0hJ\\nTkFcbDAwNDk1MzA1QERFU0tUT1AtTDJURk9GSCAobGl1cnVpeHVlKTE7MDkGA1UE\\nAwwybWtjZXJ0IENISU5BXGwwMDQ5NTMwNUBERVNLVE9QLUwyVEZPRkggKGxpdXJ1\\naXh1ZSkwHhcNMTkwNjAxMDAwMDAwWhcNMzAwODA0MDc0MTE5WjBfMScwJQYDVQQK\\nEx5ta2NlcnQgZGV2ZWxvcG1lbnQgY2VydGlmaWNhdGUxNDAyBgNVBAsMK0NISU5B\\nXGwwMDQ5NTMwNUBERVNLVE9QLUwyVEZPRkggKGxpdXJ1aXh1ZSkwggEiMA0GCSqG\\nSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYvPx9H8ZY9iUf5A8hT8s/gTThEOa3nswW\\njxxU58+dIiwvzdIioc+CaggMz/rjT3bt9jRilKvzkJjryUxLNOe3JsdJogm0OSxc\\nSJWOhdZd/vScImWajM5t3M/M7xgt1g813PNEVJ/uTaEwm6K3sAlqGJfgiU/ep6pb\\nI4S9i1c3VYLTfGF2ND5kTaysp69/mXl4IUDWn82n0TpjB4BvoiYD9ORMcvBBGCBh\\nnU2x497Uyo0X/MkreoxLxLEO2s4/TZfpZ0Ezsi/yHwjTRQ0ut53IKbSZDoBf3HLE\\nPw1Y4q2s4qjN6ImZmkYX+Qvx5MxdHCNsfPsDFTYX2rl+vCpqtDW/AgMBAAGjcjBw\\nMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8E\\nAjAAMB8GA1UdIwQYMBaAFEV9QNgV6FDCbMBoI4uT/JL/8ZHjMBoGA1UdEQQTMBGC\\nD3d3dy5jb21wYW55LmNvbTANBgkqhkiG9w0BAQsFAAOCAYEAXkrRlJ2z0xEGBiE3\\ncvGtePxERVm0cdU1fI7qoQRd8bg0KJwvCvFfJZoCWD41saZnXcfwn+1eAD6txWsV\\nkgq784DeTltqC5tU6l6kpXyU1lkTm9U7/Qbb8QGB8GaRAP9VJTLfOzjieZrj/55L\\nyrSkK84hvo6XSaEhqaBUWQN1qr8MY9/P0sZ2H0S9uu3Ezu9r/jx849aYDKeN4Zdf\\nxda1iXz+6UYUQKo5cveGKu+HmIW5V+sVVUfBCbr1FrUgaSbeZDnKdm6xlQZ70los\\nn4yLrpdbL0r5x41es94PaLSZC9+UANLf7fqGKpYlYdUU3YigUs3ed9Cn1f1ScI6V\\nJgR5tyK0dAb1n5tJwM2FA0cu56L3h2h71Jxgs4mEvBlqy+h6wVOIboj4UzQRnm+t\\n1Um4rYopw240iy4oRTYqB3dcsA3y3KYcTzA+LCUOcnWcaZSFiL9kEKqCWljZs51A\\nuux1UisF8p/iMNyZPoPYIBQnO+oN2GJ72krI2pmMJgEkag38\\n-----END CERTIFICATE-----\\n'",
  "cert_content" : "'-----BEGIN PRIVATE KEY-----\\nMIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDYvPx9H8ZY9iUf\\n5A8hT8s/gTThEOa3nswWjxxU58+dIiwvzdIioc+CaggMz/rjT3bt9jRilKvzkJjr\\nyUxLNOe3JsdJogm0OSxcSJWOhdZd/vScImWajM5t3M/M7xgt1g813PNEVJ/uTaEw\\nm6K3sAlqGJfgiU/ep6pbI4S9i1c3VYLTfGF2ND5kTaysp69/mXl4IUDWn82n0Tpj\\nB4BvoiYD9ORMcvBBGCBhnU2x497Uyo0X/MkreoxLxLEO2s4/TZfpZ0Ezsi/yHwjT\\nRQ0ut53IKbSZDoBf3HLEPw1Y4q2s4qjN6ImZmkYX+Qvx5MxdHCNsfPsDFTYX2rl+\\nvCpqtDW/AgMBAAECggEBAMJGvOiHp+qsUODCM5G/jcdR0Q2Bcd3b+MKr61BsLdyC\\n+iqripXCh1g2JRse/pvs6gUpsRFAhNWhooGQAdRUCvRQTUjCd4JV0V6zLWQAsgO1\\nepvN9VdQqeUujhH7q6fCfgXhFSoF1QnuCfOhPnz6zaWNf+4kBzTlA74IG38vvLD6\\nTccgvXNrJEWMM+AN6uCndEMkPG2VtCor9VDaN5iuBN9NsAxTGZu9wgrZzg1W0rVZ\\nC/Psh2U2gwXHBzsiygB3n08R+7MSwulpsvUone2E4IT+VDURWIIIcVQZtT6SxuRt\\npFEy7E/PfKV1VRvEvyGtZSSLkt0WxqHPENrj3LuW77kCgYEA4X+iRh6jTSmJ1fHl\\n0qhCSFWXjp1B+cajNs62N2kFcRkOtD5BvWihlDbuLaq/eYfErKET6Z8jnbRyQCJV\\n/ePqRIZ30gjTPRr55X8ZXb+hCficHnK5LZah6HwyRL337FzejTxs3J7C1rVmYq/n\\nCjfa3bJQ6zUtxRO+B2BlCgES9q0CgYEA9g4ByVyydao8ZEC9Qbn9Pzd/LsIbBOAG\\nPg7Ib0vwHyRv9oPHTc7dla+YBTfNVuFOt2e/KKf0meZnM6OiW/r38zgwLMwzHHcs\\nryMNGgwffSwmDXgrswkXu5ICuoc1+2s3GGNFkjg7IrfcHlEpVAn/ttJTCmbvTMGo\\nHM+oJPpGp5sCgYAopHx27ua37ZiuOt8VTMZFi0e5qJZPkoGwSymEayVT8RQ5YE8w\\n+D7HG+9pw7CnEtVb19xi6w/cSL2e2ZFuJToAB8xoyrZn+Qi5WGMWBofb6DcbNcoy\\ncUfVQy08PpEExOhHxHBKg0LSt/cwKkwWB2MnOhBjlD4fmyNQ6QrM9syYMQKBgH+8\\nv9Kwq/kH+rg1H8uKad2yyvUUUgCS6Mq40/drneoc+X8p5IMRXNnDwhEbah+rcjkm\\nxAewQfzPr04Qqk5EGQsMZX4sOHCTsf/uG3QlTQenrs2ZUF5u3wJCh+YcIbs3au/f\\nQZPqW1Dn0H9wtRrq4fUgdXnV/G+FreffKjSgNaP3AoGAT8wX6ZszA5HrIGSo4pi7\\nDnbMNuYe1cpcyoAi178YVklom6uGutIiafngapViESKZ0Y8X/lYzU6ELclimqJPB\\nXD4nSD64YVvi+TjzwLK61tEUuAnYlWrtXQORWPQ5tHGlhCZPrciO2QH5P9cxoU3Z\\npGfmyACUF4Od9tdq4t4S9j4=\\n-----END PRIVATE KEY-----\\n'",
  "type" : "instance",
  "instance_id" : "f0fa1789-3b76-433b-a787-9892951c620e"
}

Example Responses

Status code: 200

OK

{
  "id" : "a27be832f2e9441c8127fe48e3b5ac67",
  "name" : "cert_demo",
  "common_name" : "apigtest.xxx.com",
  "san" : [ "apigtest.xxx.com", "*.san.com" ],
  "version" : 3,
  "organization" : [ "company" ],
  "organizational_unit" : [ "IT" ],
  "locality" : [ "city" ],
  "state" : [ "state" ],
  "country" : [ "Country" ],
  "not_before" : "2019-06-01T00:00:00Z",
  "not_after" : "2031-08-16T06:36:13Z",
  "serial_number" : "13010",
  "issuer" : [ "SSL Inc" ],
  "signature_algorithm" : "SHA256-RSA",
  "create_time" : "2021-08-20T02:03:53Z",
  "update_time" : "2021-08-20T02:03:53Z",
  "algorithm_type" : "RSA"
}

Status code: 400

Bad Request

{
  "error_code" : "APIG.3325",
  "error_msg" : "The API quota name already exists"
}

Status code: 401

Unauthorized

{
  "error_code" : "APIG.1002",
  "error_msg" : "Incorrect token or token resolution failed"
}

Status code: 403

Forbidden

{
  "error_code" : "APIG.1005",
  "error_msg" : "No permissions to request this method"
}

Status code: 404

Not Found

{
  "error_code" : "APIG.3030",
  "error_msg" : "The instance does not exist;id:f0fa1789-3b76-433b-a787-9892951c620ec"
}

Status code: 500

Internal Server Error

{
  "error_code" : "APIG.9999",
  "error_msg" : "System error"
}

Status Codes

Status Code

Description

200

OK

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not Found

500

Internal Server Error

Error Codes

See Error Codes.