PUT Certificate Stores Password

The PUT /CertificateStores/Password method is used to update a password for a certificate store that supports this functionality. This updates the password stored in Keyfactor Command for the certificate store but does not update the certificate store itself. This endpoint An endpoint is a URL that enables the API to gain access to resources on a server. returns 204 with no content upon success.

Tip: The following permissions (see Security Roles and Claims) are required to use this feature:

/certificate_stores/modify/

Permissions for certificate stores can be set at either the global or certificate store container level. See Container Permissions for more information about global vs container permissions.

Table 342: PUT Certificate Stores Password Input Parameters

Name Type Description

CertStoreID Body Required. A string indicating the GUID of the certificate store. Use the GET CertificateStores method (see GET Certificate Stores) to retrieve a list of all your certificate stores to determine the GUID of the store.

NewPassword

Body

Required. A object that sets the password used by Keyfactor Command to access the certificate store. It does not impact the certificate store itself, just Keyfactor Command's definition of it. Show password details.

Name

Description

SecretValue

A string containing the password. This value only needs to be supplied if you're storing your password in the Keyfactor Command database.

Provider

An integer that identifies the PAM provider used to store the password. Use the GET /PamProviders method (see GET PAM Providers) to retrieve a list of your defined PAM providers to determine the PAM provider ID to use.

This value only needs to be supplied if you're storing your password using a PAM provider.

Parameters

An object containing the parameters required by your PAM provider, including the information that identifies the location of the password in the PAM solution. Use the GET /PamProviders method (see GET PAM Providers) to retrieve a list of the parameters used by your PAM provider. Only parameters where InstanceLevel is equal to true need to be supplied in the request.

For example, for Delinea (formerly Thycotic), this might be:

"NewPassword": {
  "Provider": 2,
  "Parameters": {
    "SecretId": 5
  }
},

For CyberArk, this might be:

"NewPassword": {
  "Provider": 5,
  "Parameters": {
    "Folder": "Root",
    "Object": "F5Password"
  }
},

For a password stored in the Keyfactor Command database, this might be:

Copy

"NewPassword": {
   "SecretValue": "P@ssw0rd"
}

Tip: See the Keyfactor API Reference and Utility which provides a utility through which the Keyfactor API

A set of functions to allow creation of applications. Keyfactor offers the Keyfactor API, which allows third-party software to integrate with the advanced certificate enrollment and management features of Keyfactor Command. endpoints can be called and results returned. It is intended to be used primarily for validation, testing and workflow

A workflow is a series of steps necessary to complete a process. In the context of Keyfactor Command, it refers to the workflow builder, which allows you automate event-driven tasks when a certificate is requested or revoked. development. It also serves secondarily as documentation for the API. The link to the Keyfactor API Reference and Utility is in the dropdown from the help icon (

) at the top of the Management Portal page next to the Log Out button.

Version v12.5

On this page: