Static createThe Certificate Authority object's attributes. *
Optional opaqueAccept opaque attributes in the request or return opaque attributes in the response, encrypted with the specified password. See the documentation for the opaquePassword parameter. *
Optional select?: string[]Include in the response only selected attributes of the object, or exclude from the response selected attributes of the object. See the documentation for the select parameter. *
Optional xOptional context id the request is running. *
Static createCreate an OCSP Responder Trusted Common Name object. Create an OCSP Responder Trusted Common Name object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates via config-sync.
When an OCSP override URL is configured, the OCSP responder will be required to sign the OCSP responses with certificates issued to these Trusted Common Names. A maximum of 8 common names can be configured as valid response signers.
| Attribute | Identifying | Required | Read-Only | Write-Only | Deprecated | Opaque |
|---|---|---|---|---|---|---|
| certAuthorityName | x | x | x | |||
| ocspTlsTrustedCommonName | x | x | x |
A SEMP client authorized with a minimum access scope/level of "global/admin" is required to perform this operation.
This has been deprecated since 2.19. Replaced by clientCertAuthorities.
CertAuthorityOcspTlsTrustedCommonNameResponse The OCSP Responder Trusted Common Name object's attributes after being created, and the request metadata.
SempMetaOnlyResponse The error response.
ApiError
The OCSP Responder Trusted Common Name object's attributes. *
The name of the Certificate Authority. *
Optional opaqueAccept opaque attributes in the request or return opaque attributes in the response, encrypted with the specified password. See the documentation for the opaquePassword parameter. *
Optional select?: string[]Include in the response only selected attributes of the object, or exclude from the response selected attributes of the object. See the documentation for the select parameter. *
Optional xOptional context id the request is running. *
Static deleteDelete a Certificate Authority object. Delete a Certificate Authority object. The deletion of instances of this object are synchronized to HA mates via config-sync.
Clients can authenticate with the message broker over TLS by presenting a valid client certificate. The message broker authenticates the client certificate by constructing a full certificate chain (from the client certificate to intermediate CAs to a configured root CA). The intermediate CAs in this chain can be provided by the client, or configured in the message broker. The root CA must be configured on the message broker.
A SEMP client authorized with a minimum access scope/level of "global/admin" is required to perform this operation.
This has been deprecated since 2.19. Replaced by clientCertAuthorities and domainCertAuthorities.
SempMetaOnlyResponse The request metadata.
ApiError
The name of the Certificate Authority. *
Optional xOptional context id the request is running. *
Static deleteDelete an OCSP Responder Trusted Common Name object. Delete an OCSP Responder Trusted Common Name object. The deletion of instances of this object are synchronized to HA mates via config-sync.
When an OCSP override URL is configured, the OCSP responder will be required to sign the OCSP responses with certificates issued to these Trusted Common Names. A maximum of 8 common names can be configured as valid response signers.
A SEMP client authorized with a minimum access scope/level of "global/admin" is required to perform this operation.
This has been deprecated since 2.19. Replaced by clientCertAuthorities.
SempMetaOnlyResponse The request metadata.
ApiError
The name of the Certificate Authority. *
The expected Trusted Common Name of the OCSP responder remote certificate. *
Optional xOptional context id the request is running. *
Static getGet a list of Certificate Authority objects. Get a list of Certificate Authority objects.
Clients can authenticate with the message broker over TLS by presenting a valid client certificate. The message broker authenticates the client certificate by constructing a full certificate chain (from the client certificate to intermediate CAs to a configured root CA). The intermediate CAs in this chain can be provided by the client, or configured in the message broker. The root CA must be configured on the message broker.
| Attribute | Identifying | Write-Only | Deprecated | Opaque |
|---|---|---|---|---|
| certAuthorityName | x | x | ||
| certContent | x | |||
| crlDayList | x | |||
| crlTimeList | x | |||
| crlUrl | x | |||
| ocspNonResponderCertEnabled | x | |||
| ocspOverrideUrl | x | |||
| ocspTimeout | x | |||
| revocationCheckEnabled | x |
A SEMP client authorized with a minimum access scope/level of "global/read-only" is required to perform this operation.
This has been deprecated since 2.19. Replaced by clientCertAuthorities and domainCertAuthorities.
CertAuthoritiesResponse The list of Certificate Authority objects' attributes, and the request metadata.
SempMetaOnlyResponse The error response.
ApiError
Optional count?: numberLimit the count of objects in the response. See the documentation for the count parameter. *
Optional cursor?: stringThe cursor, or position, for the next page of objects. See the documentation for the cursor parameter. *
Optional opaqueAccept opaque attributes in the request or return opaque attributes in the response, encrypted with the specified password. See the documentation for the opaquePassword parameter. *
Optional select?: string[]Include in the response only selected attributes of the object, or exclude from the response selected attributes of the object. See the documentation for the select parameter. *
Optional where?: string[]Include in the response only objects where certain conditions are true. See the the documentation for the where parameter. *
Optional xOptional context id the request is running. *
Static getGet a Certificate Authority object. Get a Certificate Authority object.
Clients can authenticate with the message broker over TLS by presenting a valid client certificate. The message broker authenticates the client certificate by constructing a full certificate chain (from the client certificate to intermediate CAs to a configured root CA). The intermediate CAs in this chain can be provided by the client, or configured in the message broker. The root CA must be configured on the message broker.
| Attribute | Identifying | Write-Only | Deprecated | Opaque |
|---|---|---|---|---|
| certAuthorityName | x | x | ||
| certContent | x | |||
| crlDayList | x | |||
| crlTimeList | x | |||
| crlUrl | x | |||
| ocspNonResponderCertEnabled | x | |||
| ocspOverrideUrl | x | |||
| ocspTimeout | x | |||
| revocationCheckEnabled | x |
A SEMP client authorized with a minimum access scope/level of "global/read-only" is required to perform this operation.
This has been deprecated since 2.19. Replaced by clientCertAuthorities and domainCertAuthorities.
CertAuthorityResponse The Certificate Authority object's attributes, and the request metadata.
SempMetaOnlyResponse The error response.
ApiError
The name of the Certificate Authority. *
Optional opaqueAccept opaque attributes in the request or return opaque attributes in the response, encrypted with the specified password. See the documentation for the opaquePassword parameter. *
Optional select?: string[]Include in the response only selected attributes of the object, or exclude from the response selected attributes of the object. See the documentation for the select parameter. *
Optional xOptional context id the request is running. *
Static getGet an OCSP Responder Trusted Common Name object. Get an OCSP Responder Trusted Common Name object.
When an OCSP override URL is configured, the OCSP responder will be required to sign the OCSP responses with certificates issued to these Trusted Common Names. A maximum of 8 common names can be configured as valid response signers.
| Attribute | Identifying | Write-Only | Deprecated | Opaque |
|---|---|---|---|---|
| certAuthorityName | x | x | ||
| ocspTlsTrustedCommonName | x | x |
A SEMP client authorized with a minimum access scope/level of "global/read-only" is required to perform this operation.
This has been deprecated since 2.19. Replaced by clientCertAuthorities.
CertAuthorityOcspTlsTrustedCommonNameResponse The OCSP Responder Trusted Common Name object's attributes, and the request metadata.
SempMetaOnlyResponse The error response.
ApiError
The name of the Certificate Authority. *
The expected Trusted Common Name of the OCSP responder remote certificate. *
Optional opaqueAccept opaque attributes in the request or return opaque attributes in the response, encrypted with the specified password. See the documentation for the opaquePassword parameter. *
Optional select?: string[]Include in the response only selected attributes of the object, or exclude from the response selected attributes of the object. See the documentation for the select parameter. *
Optional xOptional context id the request is running. *
Static getGet a list of OCSP Responder Trusted Common Name objects. Get a list of OCSP Responder Trusted Common Name objects.
When an OCSP override URL is configured, the OCSP responder will be required to sign the OCSP responses with certificates issued to these Trusted Common Names. A maximum of 8 common names can be configured as valid response signers.
| Attribute | Identifying | Write-Only | Deprecated | Opaque |
|---|---|---|---|---|
| certAuthorityName | x | x | ||
| ocspTlsTrustedCommonName | x | x |
A SEMP client authorized with a minimum access scope/level of "global/read-only" is required to perform this operation.
This has been deprecated since 2.19. Replaced by clientCertAuthorities.
CertAuthorityOcspTlsTrustedCommonNamesResponse The list of OCSP Responder Trusted Common Name objects' attributes, and the request metadata.
SempMetaOnlyResponse The error response.
ApiError
The name of the Certificate Authority. *
Optional opaqueAccept opaque attributes in the request or return opaque attributes in the response, encrypted with the specified password. See the documentation for the opaquePassword parameter. *
Optional select?: string[]Include in the response only selected attributes of the object, or exclude from the response selected attributes of the object. See the documentation for the select parameter. *
Optional where?: string[]Include in the response only objects where certain conditions are true. See the the documentation for the where parameter. *
Optional xOptional context id the request is running. *
Static replaceReplace a Certificate Authority object. Replace a Certificate Authority object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.
Clients can authenticate with the message broker over TLS by presenting a valid client certificate. The message broker authenticates the client certificate by constructing a full certificate chain (from the client certificate to intermediate CAs to a configured root CA). The intermediate CAs in this chain can be provided by the client, or configured in the message broker. The root CA must be configured on the message broker.
| Attribute | Identifying | Const | Read-Only | Write-Only | Requires-Disable | Deprecated | Opaque |
|---|---|---|---|---|---|---|---|
| certAuthorityName | x | x | x | ||||
| certContent | x | ||||||
| crlDayList | x | ||||||
| crlTimeList | x | ||||||
| crlUrl | x | x | |||||
| ocspNonResponderCertEnabled | x | ||||||
| ocspOverrideUrl | x | ||||||
| ocspTimeout | x | ||||||
| revocationCheckEnabled | x |
The following attributes in the request may only be provided in certain combinations with other attributes:
| Class | Attribute | Requires | Conflicts |
|---|---|---|---|
| CertAuthority | crlDayList | crlTimeList | |
| CertAuthority | crlTimeList | crlDayList |
A SEMP client authorized with a minimum access scope/level of "global/admin" is required to perform this operation.
This has been deprecated since 2.19. Replaced by clientCertAuthorities and domainCertAuthorities.
CertAuthorityResponse The Certificate Authority object's attributes after being replaced, and the request metadata.
SempMetaOnlyResponse The error response.
ApiError
The Certificate Authority object's attributes. *
The name of the Certificate Authority. *
Optional opaqueAccept opaque attributes in the request or return opaque attributes in the response, encrypted with the specified password. See the documentation for the opaquePassword parameter. *
Optional select?: string[]Include in the response only selected attributes of the object, or exclude from the response selected attributes of the object. See the documentation for the select parameter. *
Optional xOptional context id the request is running. *
Static updateUpdate a Certificate Authority object. Update a Certificate Authority object. Any attribute missing from the request will be left unchanged.
Clients can authenticate with the message broker over TLS by presenting a valid client certificate. The message broker authenticates the client certificate by constructing a full certificate chain (from the client certificate to intermediate CAs to a configured root CA). The intermediate CAs in this chain can be provided by the client, or configured in the message broker. The root CA must be configured on the message broker.
| Attribute | Identifying | Read-Only | Write-Only | Requires-Disable | Deprecated | Opaque |
|---|---|---|---|---|---|---|
| certAuthorityName | x | x | x | |||
| certContent | x | |||||
| crlDayList | x | |||||
| crlTimeList | x | |||||
| crlUrl | x | x | ||||
| ocspNonResponderCertEnabled | x | |||||
| ocspOverrideUrl | x | |||||
| ocspTimeout | x | |||||
| revocationCheckEnabled | x |
The following attributes in the request may only be provided in certain combinations with other attributes:
| Class | Attribute | Requires | Conflicts |
|---|---|---|---|
| CertAuthority | crlDayList | crlTimeList | |
| CertAuthority | crlTimeList | crlDayList |
A SEMP client authorized with a minimum access scope/level of "global/admin" is required to perform this operation.
This has been deprecated since 2.19. Replaced by clientCertAuthorities and domainCertAuthorities.
CertAuthorityResponse The Certificate Authority object's attributes after being updated, and the request metadata.
SempMetaOnlyResponse The error response.
ApiError
The Certificate Authority object's attributes. *
The name of the Certificate Authority. *
Optional opaqueAccept opaque attributes in the request or return opaque attributes in the response, encrypted with the specified password. See the documentation for the opaquePassword parameter. *
Optional select?: string[]Include in the response only selected attributes of the object, or exclude from the response selected attributes of the object. See the documentation for the select parameter. *
Optional xOptional context id the request is running. *
Deprecated
Create a Certificate Authority object. Create a Certificate Authority object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates via config-sync.
Clients can authenticate with the message broker over TLS by presenting a valid client certificate. The message broker authenticates the client certificate by constructing a full certificate chain (from the client certificate to intermediate CAs to a configured root CA). The intermediate CAs in this chain can be provided by the client, or configured in the message broker. The root CA must be configured on the message broker.
The following attributes in the request may only be provided in certain combinations with other attributes:
A SEMP client authorized with a minimum access scope/level of "global/admin" is required to perform this operation.
This has been deprecated since 2.19. Replaced by clientCertAuthorities and domainCertAuthorities.
Returns
CertAuthorityResponse The Certificate Authority object's attributes after being created, and the request metadata.
Returns
SempMetaOnlyResponse The error response.
Throws
ApiError