Class ClientCertAuthorityService

Hierarchy

  • ClientCertAuthorityService

Constructors

constructor

Methods

createClientCertAuthority createClientCertAuthorityOcspTlsTrustedCommonName deleteClientCertAuthority deleteClientCertAuthorityOcspTlsTrustedCommonName getClientCertAuthorities getClientCertAuthority getClientCertAuthorityOcspTlsTrustedCommonName getClientCertAuthorityOcspTlsTrustedCommonNames replaceClientCertAuthority updateClientCertAuthority

Constructors

constructor

Methods

Static createClientCertAuthority

  • Create a Client Certificate Authority object. Create a Client Certificate Authority object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates via config-sync.

    Clients can authenticate with the message broker over TLS by presenting a valid client certificate. The message broker authenticates the client certificate by constructing a full certificate chain (from the client certificate to intermediate CAs to a configured root CA). The intermediate CAs in this chain can be provided by the client, or configured in the message broker. The root CA must be configured on the message broker.

    Attribute Identifying Required Read-Only Write-Only Deprecated Opaque
    certAuthorityName x x

    The following attributes in the request may only be provided in certain combinations with other attributes:

    Class Attribute Requires Conflicts
    ClientCertAuthority crlDayList crlTimeList
    ClientCertAuthority crlTimeList crlDayList

    A SEMP client authorized with a minimum access scope/level of "global/admin" is required to perform this operation.

    This has been available since 2.19.

    Returns

    ClientCertAuthorityResponse The Client Certificate Authority object's attributes after being created, and the request metadata.

    Returns

    SempMetaOnlyResponse The error response.

    Throws

    ApiError

    Parameters

    • __namedParameters: {
          body: ClientCertAuthority;
          opaquePassword?: string;
          select?: string[];
          xContextId?: string;
      }
      • body: ClientCertAuthority

        The Client Certificate Authority object's attributes. *

      • Optional opaquePassword?: string

        Accept opaque attributes in the request or return opaque attributes in the response, encrypted with the specified password. See the documentation for the opaquePassword parameter. *

      • Optional select?: string[]

        Include in the response only selected attributes of the object, or exclude from the response selected attributes of the object. See the documentation for the select parameter. *

      • Optional xContextId?: string

        Optional context id the request is running. *

    Returns CancelablePromise<ClientCertAuthorityResponse | SempMetaOnlyResponse>

Static createClientCertAuthorityOcspTlsTrustedCommonName

  • Create an OCSP Responder Trusted Common Name object. Create an OCSP Responder Trusted Common Name object. Any attribute missing from the request will be set to its default value. The creation of instances of this object are synchronized to HA mates via config-sync.

    When an OCSP override URL is configured, the OCSP responder will be required to sign the OCSP responses with certificates issued to these Trusted Common Names. A maximum of 8 common names can be configured as valid response signers.

    Attribute Identifying Required Read-Only Write-Only Deprecated Opaque
    certAuthorityName x x
    ocspTlsTrustedCommonName x x

    A SEMP client authorized with a minimum access scope/level of "global/admin" is required to perform this operation.

    This has been available since 2.19.

    Returns

    ClientCertAuthorityOcspTlsTrustedCommonNameResponse The OCSP Responder Trusted Common Name object's attributes after being created, and the request metadata.

    Returns

    SempMetaOnlyResponse The error response.

    Throws

    ApiError

    Parameters

    • __namedParameters: {
          body: ClientCertAuthorityOcspTlsTrustedCommonName;
          certAuthorityName: string;
          opaquePassword?: string;
          select?: string[];
          xContextId?: string;
      }
      • body: ClientCertAuthorityOcspTlsTrustedCommonName

        The OCSP Responder Trusted Common Name object's attributes. *

      • certAuthorityName: string

        The name of the Certificate Authority. *

      • Optional opaquePassword?: string

        Accept opaque attributes in the request or return opaque attributes in the response, encrypted with the specified password. See the documentation for the opaquePassword parameter. *

      • Optional select?: string[]

        Include in the response only selected attributes of the object, or exclude from the response selected attributes of the object. See the documentation for the select parameter. *

      • Optional xContextId?: string

        Optional context id the request is running. *

    Returns CancelablePromise<ClientCertAuthorityOcspTlsTrustedCommonNameResponse | SempMetaOnlyResponse>

Static deleteClientCertAuthority

  • Delete a Client Certificate Authority object. Delete a Client Certificate Authority object. The deletion of instances of this object are synchronized to HA mates via config-sync.

    Clients can authenticate with the message broker over TLS by presenting a valid client certificate. The message broker authenticates the client certificate by constructing a full certificate chain (from the client certificate to intermediate CAs to a configured root CA). The intermediate CAs in this chain can be provided by the client, or configured in the message broker. The root CA must be configured on the message broker.

    A SEMP client authorized with a minimum access scope/level of "global/admin" is required to perform this operation.

    This has been available since 2.19.

    Returns

    SempMetaOnlyResponse The request metadata.

    Throws

    ApiError

    Parameters

    • __namedParameters: {
          certAuthorityName: string;
          xContextId?: string;
      }
      • certAuthorityName: string

        The name of the Certificate Authority. *

      • Optional xContextId?: string

        Optional context id the request is running. *

    Returns CancelablePromise<SempMetaOnlyResponse>

Static deleteClientCertAuthorityOcspTlsTrustedCommonName

  • Delete an OCSP Responder Trusted Common Name object. Delete an OCSP Responder Trusted Common Name object. The deletion of instances of this object are synchronized to HA mates via config-sync.

    When an OCSP override URL is configured, the OCSP responder will be required to sign the OCSP responses with certificates issued to these Trusted Common Names. A maximum of 8 common names can be configured as valid response signers.

    A SEMP client authorized with a minimum access scope/level of "global/admin" is required to perform this operation.

    This has been available since 2.19.

    Returns

    SempMetaOnlyResponse The request metadata.

    Throws

    ApiError

    Parameters

    • __namedParameters: {
          certAuthorityName: string;
          ocspTlsTrustedCommonName: string;
          xContextId?: string;
      }
      • certAuthorityName: string

        The name of the Certificate Authority. *

      • ocspTlsTrustedCommonName: string

        The expected Trusted Common Name of the OCSP responder remote certificate. *

      • Optional xContextId?: string

        Optional context id the request is running. *

    Returns CancelablePromise<SempMetaOnlyResponse>

Static getClientCertAuthorities

  • Get a list of Client Certificate Authority objects. Get a list of Client Certificate Authority objects.

    Clients can authenticate with the message broker over TLS by presenting a valid client certificate. The message broker authenticates the client certificate by constructing a full certificate chain (from the client certificate to intermediate CAs to a configured root CA). The intermediate CAs in this chain can be provided by the client, or configured in the message broker. The root CA must be configured on the message broker.

    Attribute Identifying Write-Only Deprecated Opaque
    certAuthorityName x

    A SEMP client authorized with a minimum access scope/level of "global/read-only" is required to perform this operation.

    This has been available since 2.19.

    Returns

    ClientCertAuthoritiesResponse The list of Client Certificate Authority objects' attributes, and the request metadata.

    Returns

    SempMetaOnlyResponse The error response.

    Throws

    ApiError

    Parameters

    • __namedParameters: {
          count?: number;
          cursor?: string;
          opaquePassword?: string;
          select?: string[];
          where?: string[];
          xContextId?: string;
      }
      • Optional count?: number

        Limit the count of objects in the response. See the documentation for the count parameter. *

      • Optional cursor?: string

        The cursor, or position, for the next page of objects. See the documentation for the cursor parameter. *

      • Optional opaquePassword?: string

        Accept opaque attributes in the request or return opaque attributes in the response, encrypted with the specified password. See the documentation for the opaquePassword parameter. *

      • Optional select?: string[]

        Include in the response only selected attributes of the object, or exclude from the response selected attributes of the object. See the documentation for the select parameter. *

      • Optional where?: string[]

        Include in the response only objects where certain conditions are true. See the the documentation for the where parameter. *

      • Optional xContextId?: string

        Optional context id the request is running. *

    Returns CancelablePromise<ClientCertAuthoritiesResponse | SempMetaOnlyResponse>

Static getClientCertAuthority

  • Get a Client Certificate Authority object. Get a Client Certificate Authority object.

    Clients can authenticate with the message broker over TLS by presenting a valid client certificate. The message broker authenticates the client certificate by constructing a full certificate chain (from the client certificate to intermediate CAs to a configured root CA). The intermediate CAs in this chain can be provided by the client, or configured in the message broker. The root CA must be configured on the message broker.

    Attribute Identifying Write-Only Deprecated Opaque
    certAuthorityName x

    A SEMP client authorized with a minimum access scope/level of "global/read-only" is required to perform this operation.

    This has been available since 2.19.

    Returns

    ClientCertAuthorityResponse The Client Certificate Authority object's attributes, and the request metadata.

    Returns

    SempMetaOnlyResponse The error response.

    Throws

    ApiError

    Parameters

    • __namedParameters: {
          certAuthorityName: string;
          opaquePassword?: string;
          select?: string[];
          xContextId?: string;
      }
      • certAuthorityName: string

        The name of the Certificate Authority. *

      • Optional opaquePassword?: string

        Accept opaque attributes in the request or return opaque attributes in the response, encrypted with the specified password. See the documentation for the opaquePassword parameter. *

      • Optional select?: string[]

        Include in the response only selected attributes of the object, or exclude from the response selected attributes of the object. See the documentation for the select parameter. *

      • Optional xContextId?: string

        Optional context id the request is running. *

    Returns CancelablePromise<ClientCertAuthorityResponse | SempMetaOnlyResponse>

Static getClientCertAuthorityOcspTlsTrustedCommonName

  • Get an OCSP Responder Trusted Common Name object. Get an OCSP Responder Trusted Common Name object.

    When an OCSP override URL is configured, the OCSP responder will be required to sign the OCSP responses with certificates issued to these Trusted Common Names. A maximum of 8 common names can be configured as valid response signers.

    Attribute Identifying Write-Only Deprecated Opaque
    certAuthorityName x
    ocspTlsTrustedCommonName x

    A SEMP client authorized with a minimum access scope/level of "global/read-only" is required to perform this operation.

    This has been available since 2.19.

    Returns

    ClientCertAuthorityOcspTlsTrustedCommonNameResponse The OCSP Responder Trusted Common Name object's attributes, and the request metadata.

    Returns

    SempMetaOnlyResponse The error response.

    Throws

    ApiError

    Parameters

    • __namedParameters: {
          certAuthorityName: string;
          ocspTlsTrustedCommonName: string;
          opaquePassword?: string;
          select?: string[];
          xContextId?: string;
      }
      • certAuthorityName: string

        The name of the Certificate Authority. *

      • ocspTlsTrustedCommonName: string

        The expected Trusted Common Name of the OCSP responder remote certificate. *

      • Optional opaquePassword?: string

        Accept opaque attributes in the request or return opaque attributes in the response, encrypted with the specified password. See the documentation for the opaquePassword parameter. *

      • Optional select?: string[]

        Include in the response only selected attributes of the object, or exclude from the response selected attributes of the object. See the documentation for the select parameter. *

      • Optional xContextId?: string

        Optional context id the request is running. *

    Returns CancelablePromise<ClientCertAuthorityOcspTlsTrustedCommonNameResponse | SempMetaOnlyResponse>

Static getClientCertAuthorityOcspTlsTrustedCommonNames

  • Get a list of OCSP Responder Trusted Common Name objects. Get a list of OCSP Responder Trusted Common Name objects.

    When an OCSP override URL is configured, the OCSP responder will be required to sign the OCSP responses with certificates issued to these Trusted Common Names. A maximum of 8 common names can be configured as valid response signers.

    Attribute Identifying Write-Only Deprecated Opaque
    certAuthorityName x
    ocspTlsTrustedCommonName x

    A SEMP client authorized with a minimum access scope/level of "global/read-only" is required to perform this operation.

    This has been available since 2.19.

    Returns

    ClientCertAuthorityOcspTlsTrustedCommonNamesResponse The list of OCSP Responder Trusted Common Name objects' attributes, and the request metadata.

    Returns

    SempMetaOnlyResponse The error response.

    Throws

    ApiError

    Parameters

    • __namedParameters: {
          certAuthorityName: string;
          opaquePassword?: string;
          select?: string[];
          where?: string[];
          xContextId?: string;
      }
      • certAuthorityName: string

        The name of the Certificate Authority. *

      • Optional opaquePassword?: string

        Accept opaque attributes in the request or return opaque attributes in the response, encrypted with the specified password. See the documentation for the opaquePassword parameter. *

      • Optional select?: string[]

        Include in the response only selected attributes of the object, or exclude from the response selected attributes of the object. See the documentation for the select parameter. *

      • Optional where?: string[]

        Include in the response only objects where certain conditions are true. See the the documentation for the where parameter. *

      • Optional xContextId?: string

        Optional context id the request is running. *

    Returns CancelablePromise<ClientCertAuthorityOcspTlsTrustedCommonNamesResponse | SempMetaOnlyResponse>

Static replaceClientCertAuthority

  • Replace a Client Certificate Authority object. Replace a Client Certificate Authority object. Any attribute missing from the request will be set to its default value, subject to the exceptions in note 4.

    Clients can authenticate with the message broker over TLS by presenting a valid client certificate. The message broker authenticates the client certificate by constructing a full certificate chain (from the client certificate to intermediate CAs to a configured root CA). The intermediate CAs in this chain can be provided by the client, or configured in the message broker. The root CA must be configured on the message broker.

    Attribute Identifying Const Read-Only Write-Only Requires-Disable Deprecated Opaque
    certAuthorityName x x
    crlUrl x

    The following attributes in the request may only be provided in certain combinations with other attributes:

    Class Attribute Requires Conflicts
    ClientCertAuthority crlDayList crlTimeList
    ClientCertAuthority crlTimeList crlDayList

    A SEMP client authorized with a minimum access scope/level of "global/admin" is required to perform this operation.

    This has been available since 2.19.

    Returns

    ClientCertAuthorityResponse The Client Certificate Authority object's attributes after being replaced, and the request metadata.

    Returns

    SempMetaOnlyResponse The error response.

    Throws

    ApiError

    Parameters

    • __namedParameters: {
          body: ClientCertAuthority;
          certAuthorityName: string;
          opaquePassword?: string;
          select?: string[];
          xContextId?: string;
      }
      • body: ClientCertAuthority

        The Client Certificate Authority object's attributes. *

      • certAuthorityName: string

        The name of the Certificate Authority. *

      • Optional opaquePassword?: string

        Accept opaque attributes in the request or return opaque attributes in the response, encrypted with the specified password. See the documentation for the opaquePassword parameter. *

      • Optional select?: string[]

        Include in the response only selected attributes of the object, or exclude from the response selected attributes of the object. See the documentation for the select parameter. *

      • Optional xContextId?: string

        Optional context id the request is running. *

    Returns CancelablePromise<ClientCertAuthorityResponse | SempMetaOnlyResponse>

Static updateClientCertAuthority

  • Update a Client Certificate Authority object. Update a Client Certificate Authority object. Any attribute missing from the request will be left unchanged.

    Clients can authenticate with the message broker over TLS by presenting a valid client certificate. The message broker authenticates the client certificate by constructing a full certificate chain (from the client certificate to intermediate CAs to a configured root CA). The intermediate CAs in this chain can be provided by the client, or configured in the message broker. The root CA must be configured on the message broker.

    Attribute Identifying Read-Only Write-Only Requires-Disable Deprecated Opaque
    certAuthorityName x x
    crlUrl x

    The following attributes in the request may only be provided in certain combinations with other attributes:

    Class Attribute Requires Conflicts
    ClientCertAuthority crlDayList crlTimeList
    ClientCertAuthority crlTimeList crlDayList

    A SEMP client authorized with a minimum access scope/level of "global/admin" is required to perform this operation.

    This has been available since 2.19.

    Returns

    ClientCertAuthorityResponse The Client Certificate Authority object's attributes after being updated, and the request metadata.

    Returns

    SempMetaOnlyResponse The error response.

    Throws

    ApiError

    Parameters

    • __namedParameters: {
          body: ClientCertAuthority;
          certAuthorityName: string;
          opaquePassword?: string;
          select?: string[];
          xContextId?: string;
      }
      • body: ClientCertAuthority

        The Client Certificate Authority object's attributes. *

      • certAuthorityName: string

        The name of the Certificate Authority. *

      • Optional opaquePassword?: string

        Accept opaque attributes in the request or return opaque attributes in the response, encrypted with the specified password. See the documentation for the opaquePassword parameter. *

      • Optional select?: string[]

        Include in the response only selected attributes of the object, or exclude from the response selected attributes of the object. See the documentation for the select parameter. *

      • Optional xContextId?: string

        Optional context id the request is running. *

    Returns CancelablePromise<ClientCertAuthorityResponse | SempMetaOnlyResponse>

Settings

Member Visibility

Theme