...
Date | Description |
28 January 2018 | Initial Release; CCM version 6.0 |
...
...
Method | Usage |
GET | Used to retrieve a resource |
POST | Used to create a new resource |
...
...
...
Status Code | Usage |
200 OK | The request completed successfully |
204 No Content | An update to an existing resource has been applied successfully |
400 Bad Request | The request was malformed. The response body will include an error providing further information |
404 Not Found | The requested resource does not exist |
...
Whenever an error response (status code >=400) is returned, the body will contain a JSON object that describes the problem. The error object has the following structure:
Path | Type | Description |
code | Number | Error code |
description | String | Error message |
HTTP/1.1 401 Unauthorized |
...
In order to access InCommon APIs, you will need to authenticate yourself to the InCommon CM service. You can authenticate via username/password, or via username + client certificate.
...
Header Name | Description |
login | Privileged User's Login Name |
password | Privileged User's Password; ( if necessary ) |
CustomerUri | Customer URI part of the URL e.g.s. InCommon or InCommon_Test |
...
Prerequisites
- Users should have InCommon CM login credentials.
- Web API access must be enabled for the Organization by InCommon.
- Each department department will need to be enabled by their RAO through InCommon CM.
The URI for the username/password authentication schema for InCommon CM is:
- {api-endpoint} = https://cert-manager.com/api/\{path}
...
Prerequisites
- Users should have InCommon CM login credentials.
- Web API access must be enabled for the Organization by InCommon.
- Each department department will need to be enabled by their RAO through InCommon CM.
- Admins should have Certificate Auth enabled.
- The authentication certificate MUST BE requested and issued through InCommon CM and active at the moment of authentication.
The URI for the username/client certificate authentication is:
- {api-endpoint} = https://cert-manager.com/private/api/\{path}
...
All functions pertaining to the management of TLS/SSL certificates within InCommon CM.
Basic Auth URI endpoint – https://cert-manager.com/api/ssl/v1/{path}
Client Auth URI endpoint – https://cert-manager.com/private/ssl/v1{path}
...
Path – /ssl/v1/types
HTTP Method – GET
...
Attribute | Type | Description | ||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="16d7c114-1da8-45a0-96a3-1aa208ee8c0c"><ac:plain-text-body><![CDATA[ | [ ] | Array | An Array of available SSL Types | ]]></ac:plain-text-body></ac:structured-macro> |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="44570056-d8bd-44e4-a8e9-f5fa2d070ecf"><ac:plain-text-body><![CDATA[ | [ ] id | String | The SSL Type unique identifier | ]]></ac:plain-text-body></ac:structured-macro> |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="a910972e-533d-47ed-b135-987733da0a66"><ac:plain-text-body><![CDATA[ | [ ] name | String | The SSL Cert Type name | ]]></ac:plain-text-body></ac:structured-macro> |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="ff3edb7e-bbb1-44e5-96fb-8f4b1efe0791"><ac:plain-text-body><![CDATA[ | [ ] terms [ ] | Array | An array of available terms, in days, for the SSL type. | ]]></ac:plain-text-body></ac:structured-macro> |
...
$ curl 'https://cert-manager.com/api/ssl/v1/types/' -i {color} |
...
HTTP/1.1 200 OK |
...
Creation and submission of a request for a new TLS/SSL certificate.
Path – /ssl/v1/enroll?
HTTP Method – POST
...
Attribute | Type | Description | Constraints | ||
orgId | Integer | Organization ID; can be found within InCommon CM on the organization's and or department's General tab. | MUST BE positive & not NULL | ||
csr | String | Certificate Signing Request (Base-64 encoded, with or without the: | MUST not be empty or NULL. | ||
SubjAltNames | String | Comma-Separated list of DNS Subject Alternative Names (SANs) | A maximum of 100 SANs. | ||
certType | Integer | Certificate Type ID | Obtained from /ssl/types OR /ssl/types{orgId} function | ||
numberServers | Integer | Number of Server Licenses. Required for the Wildcard products | MUST BE positive & not NULL | ||
serverType | Integer | Server Software Identifier | MUST BE at least -1; | ||
term | Integer | Certificate validity period in number of days. | MUST BE positive. | ||
comments | String | Additional Comments/Notes for Enrollment Request | A maximum of 1024 characters accepted. | ||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="104ce33f-5e96-44ec-8844-b17375f54aeb"><ac:plain-text-body><![CDATA[ | customFields [] | Array | Custom fields to be applied to enrolling certificate. | MUST contain mandatory custom fields. | ]]></ac:plain-text-body></ac:structured-macro> |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="cde12c47-fa33-405b-b47e-7096fd7ea4ae"><ac:plain-text-body><![CDATA[ | customFields[].name | String | The name of an enabled mandatory custom field. |
| ]]></ac:plain-text-body></ac:structured-macro> |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="409c44a0-ecf3-4b0e-8e4c-fb7a59f7baea"><ac:plain-text-body><![CDATA[ | customFields[].value | String | The value of the custom field |
| ]]></ac:plain-text-body></ac:structured-macro> |
...
Server Type | Description |
---|---|
1 | AOL |
2 | Apache/ModSSL |
3 | Apache-SSL (Ben-SSL, not Stronghold) |
4 | C2Net Stronghold |
33 | Cisco 3000 Series VPN Concentrator |
34 | Citrix |
5 | Cobalt Raq |
6 | Covalent Server Software |
7 | IBM HTTP Server |
8 | IBM Internet Connection Server |
9 | iPlanet |
10 | Java Web Server (Javasoft / Sun) |
11 | Lotus Domino |
12 | Lotus Domino Go! |
13 | Microsoft IIS 1.x to 4.x |
14 | Microsoft IIS 5.x and later |
15 | Netscape Enterprise Server |
16 | Netscape FastTrack |
17 | Novell Web Server |
18 | Oracle |
19 | Quid Pro Quo |
20 | R3 SSL Server |
21 | Raven SSL |
22 | RedHat Linux |
23 | SAP Web Application Server |
24 | Tomcat |
25 | Website Professional |
26 | WebStar 4.x and later |
27 | WebTen (from Tenon) |
28 | Zeus Web Server |
29 | Ensim |
30 | Plesk |
31 | WHM/cPanel |
32 | H-Sphere |
-1 | OTHER |
...
$ curl 'https://ccm.com/api/ssl/v1/enroll/' -i -X POST {color} |
...
Certificate retrieval (collection) of an issued certificate from InCommon CM
Path – /ssl/v1/collect/{sslId}/{formatType}
HTTP Method – POST
Parameter | Description |
sslId | Certificate ID; positive integer value; Minimum value = 1 |
formatType | Format Type for certificate collection.
|
...
$ curl 'https://ccm.com/api/ssl/v1/collect/582/base64' -i {color} |
...
HTTP/1.1 200 OK |
...
Generate a request to InCommon CM to revoke a specific TLS/SSL certificate.
Path – /ssl/v1/revoke/{sslId}
HTTP Method – POST
...
Parameter | Description |
sslId | Certificate ID; positive integer value; Minimum value = 1 |
...
Attribute | Type | Description | Constraints |
reason | String | A short comment as to why the certificate needs to be revoked. | MUST NOT be empty. |
...
$ curl 'https://ccm.com/api/ssl/v1/revoke/587' -i -X POST {color} |
...
HTTP/1.1 204 No Content |
...
A function to initiate the renewal of a given certificate using the same CSR and parameters of the existing certificate.
PATH – /ssl/v1/renew/{renewId}
HTTP Method – POST
...
Parameter | Type | Max. Length (chars) | Description |
---|---|---|---|
renewId | String | 20 | Returned via the enrollment API call. It is also found in every Enrollment Successful email that InCommon CM sends. |
...
$ curl 'https://ccm.com/api/ssl/v1/renew/10' -i -X POST {color} |
...
HTTP/1.1 204 No Content |
...
A function to initiate the renewal of a given certificate using the same CSR and parameters of the existing TLS/SSL certificate.
Path – /ssl/v1/renewById/{sslId}
HTTP Method – POST
...
Parameter | Possible value(s) |
---|---|
sslId | Certificate ID; positive integer value; Minimum value = 1 |
...
$ curl 'https://ccm.com/api/ssl/v1/renew/10' -i -X POST {color} |
...
Attribute | Type | Description |
---|---|---|
sslId | Integer | Renewed certificate's identifier. |
...
A function to initiate the replacement (or re-issuance) of a given certificate, based on a unique identifier and a new CSR.
...
Parameter | Description |
---|---|
sslId | Certificate ID; positive integer value; Minimum value = 1 |
...
Attribute | Type | Description | Constraints |
---|---|---|---|
csr | String | Certificate Signing Request (Base-64 encoded, with or without the: | MUST not be empty or NULL. |
reason | String | A short comment as to why the certificate needs to be replaced (or re-issued). | MUST NOT be empty. |
...
$ curl 'https://ccm.com/api/ssl/v1/replace/586' -i -X POST {color} |
...