POST Certificate Authority Test

The POST /CertificateAuthority/Test method is used to validate that a connection can be made to the certificate authority (CA) with the provided information. This method returns HTTP 200 OK on a success with details for the success or failure of the CA validation.

Tip:  The following permissions (see Security Overview) are required to use this feature:

PkiManagement: Read

Table 234: POST Certificate Authority Test Input Parameters

Name In Description
LogicalName Body Required. A string indicating the logical name of the certificate authority.
HostName Body Required. A string indicating the DNS hostname (for DCOM configurations) or URL (for HTTPS configurations) of the certificate authority (e.g. myca.keyexample.com or https://myca.keyexample.com).
ConfigurationTenant Body

Required*. A string indicating the forest root name or DNS domain name for the certificate authority (e.g. keyexample.com).

This parameter is required for Microsoft CAs.

AuthCertificatePassword Body

Required*. An array indicating the password for the PKCS#12 client certificate to use to authenticate to the EJBCA CA. The password is provided in the following format:

{
   "SecretValue": "MySuperSecretPassword"
}

This parameter is required for EJBCA CAs.

AuthCertificate Body

Required*. An array containing the base-64 encoded PKCS#12 client certificate used to provide authentication to the EJBCA CA. This certificate is used to authenticate to the EJBCA database for synchronization, enrollment and management of certificates. The certificate is provided in the following format:

{
   "SecretValue": "MIACAQMwgAY ... CAwGQAAAA"
}

This parameter is required for EJBCA CAs.

CAType Body

An integer indicating the type of CA:

  • 0—DCOM

    Use this option for Microsoft CAs and CA gateways.

  • 1—HTTPS

    Use this option for EJBCA CAs.

The default is 0.

Table 235: POST Certificate Authority Test Response Data

Name Description
Success A Boolean that indicates whether the CA could successfully be reached (True) or not (False).
Message A string indicating a message about the validation test of the certificate authority.
Tip:  For code examples, see the Keyfactor API Endpoint Utility. To find the embedded web copy of this utility, click the help icon at the top of the Keyfactor Command Management Portal page next to the Log Out button.
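The following is an added example, not Keyfactor's own code: it builds the request body from the parameter table with the per-CAType required fields enforced, masks the SecretValue fields before logging, and treats an HTTP 200 response as a pass only when Success is true. The function names build_test_body, redact and ca_reachable are hypothetical, and all sample values are constructed.

```python
import base64
import json

DCOM, HTTPS = 0, 1  # CAType values from the input parameter table

def build_test_body(logical_name, host_name, ca_type=DCOM,
                    configuration_tenant=None, pkcs12_bytes=None,
                    pkcs12_password=None):
    """Build the JSON body for POST /CertificateAuthority/Test."""
    if not logical_name or not host_name:
        raise ValueError("LogicalName and HostName are required")
    body = {"LogicalName": logical_name, "HostName": host_name, "CAType": ca_type}
    if ca_type == DCOM:
        # The page requires ConfigurationTenant for Microsoft CAs; this
        # example enforces it for every DCOM request (assumption).
        if not configuration_tenant:
            raise ValueError("ConfigurationTenant is required for DCOM")
        if "://" in host_name:
            raise ValueError("DCOM expects a DNS hostname, not a URL")
        body["ConfigurationTenant"] = configuration_tenant
    elif ca_type == HTTPS:
        if not host_name.lower().startswith("https://"):
            raise ValueError("HTTPS expects an https:// URL")
        if not pkcs12_bytes or not pkcs12_password:
            raise ValueError("EJBCA needs AuthCertificate and its password")
        b64 = base64.b64encode(pkcs12_bytes).decode("ascii")
        body["AuthCertificate"] = {"SecretValue": b64}
        body["AuthCertificatePassword"] = {"SecretValue": pkcs12_password}
    else:
        raise ValueError("CAType must be 0 (DCOM) or 1 (HTTPS)")
    return body

def redact(body):
    """Copy of the body that is safe to log: SecretValue fields masked."""
    return {k: {"SecretValue": "***"} if isinstance(v, dict) else v
            for k, v in body.items()}

def ca_reachable(status, response_text):
    """HTTP 200 alone is not success; the Success field decides."""
    if status != 200:
        return False, "HTTP %d" % status
    data = json.loads(response_text)
    return data.get("Success") is True, data.get("Message", "")

if __name__ == "__main__":  # constructed sample values only
    req = build_test_body("EJBCA CA", "https://myca.keyexample.com", HTTPS,
                          pkcs12_bytes=b"constructed", pkcs12_password="constructed")
    print(json.dumps(redact(req)))
    print(ca_reachable(200, '{"Success": false, "Message": "constructed"}'))
```

In practice the PKCS#12 password would be read from a secret store or environment variable at call time rather than written into a script.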