POST Certificate Stores Server

Documentation Suite v10.3

The POST /CertificateStores/Server method is used to create a new server record for a certificate store in Keyfactor Command. This method returns HTTP 200 OK on a success with details of the newly created server record.

Tip: The following permissions (see Security Overview) are required to use this feature:

CertificateStoreManagement: Modify

Permissions for certificate stores can be set at either the global or certificate store container level. Creating new certificate store server records requires permissions at the global level. See Container Permissions in the Keyfactor Command Reference Guide for more information about global vs container permissions.

Note: This method has been deprecated and will be removed from the Keyfactor API

A set of functions to allow creation of applications. Keyfactor offers the Keyfactor API, which allows third-party software to integrate with the advanced certificate enrollment and management features of Keyfactor Command. in a future release. This method is retained until that time for backwards compatibility. Continuing to use this endpoint

An endpoint is a URL that enables the API to gain access to resources on a server. with the latest Keyfactor Command functionality could cause serious data issues.Certificate store server information is now found in the certificate store (see POST Certificate Stores). The Management Portal has additional functionality, such as being able to set different credentials for different stores on the same server, which use the new API endpoint.

Tip: If a certificate store that requires a server is missing a server definition within the store record, the certificate store server created with this method will be used. If no credentials are supplied in the request and no certificate store server exists, an error is returned and the request fails.

Table 266: POST Certificate Stores Server Input Parameters

Name In Description

Username

Body

Required. The username used to connect to the certificate store.

Show username details.

Password

Body

Required. The password used to connect to the certificate store.Show password details.

Name

Description

SecretValue

A string containing the password. This value only needs to be supplied if you're storing your password in the Keyfactor Command database.

Provider

An integer that identifies the PAM provider used to store the password. Use the GET /PamProviders method (see GET PAM Providers) to retrieve a list of your defined PAM providers to determine the PAM provider ID to use.

Parameters

The parameters required by your PAM provider, containing the information that identifies the location of the password in the PAM solution. Use the GET /PamProviders method (see GET PAM Providers) to retrieve a list of the parameters used by your PAM provider. Only parameters where InstanceLevel is equal to true need to be supplied in the request.

For example, for Delinea, this might be:

"Password": {
   "Provider": 2,
      "Parameters": {
      "SecretId": 5
   }
},

For CyberArk, this might be:

"Password": {
   "Provider": 5,
   "Parameters": {
      "Folder": "Root",
      "Object": "F5Password"
   }
},

UseSSL Body A Boolean that indicates whether Keyfactor Command will use SSL TLS (Transport Layer Security) and its predecessor SSL (Secure Sockets Layer) are protocols for establishing authenticated and encrypted links between networked computers. to communicate with the server (true) or not (false). The default is false.

ServerType

Body

An integer indicating the type of server. Show server type details (your environment may include custom values not shown here).

Use the GET /CertificateStoreTypes method (see GET Certificate Store Types) to locate the server types for your custom certificate store types. The ServerRegistration value returned by that method maps to the ServerType.

The default is 0.

Name Body Required. The host name The unique identifier that serves as name of a computer. It is sometimes presented as a fully qualified domain name (e.g. servername.keyexample.com) and sometimes just as a short name (e.g. servername). of the server.

Container Body An integer that identifies the certificate store container into which the certificate store should be placed for organizational and management purposes. This value must be specified if you are using PAM to store your username and/or password and your PAM provider has been configured to be linked to a specific certificate store container.

Table 267: POST Certificate Stores Server Response Data

Name

Description

The ID of the server.

UseSSL

A Boolean that indicates whether Keyfactor Command will use SSL to communicate with the server (true) or not (false).

ServerType

An integer indicating the type of server. Show server type details (your environment may include custom values not shown here).

Value	Description
0	F5 Web Server & F5 SSL Profiles
1	NetScaler
2	FTP
3	F5 Web Server REST
4	F5 SSL Profiles REST
5	F5 CA Bundles REST

Name

The host name of the server.

Tip: For code examples, see the Keyfactor API Endpoint Utility. To find the embedded web copy of this utility, click the help icon (

) at the top of the Keyfactor Command Management Portal page next to the Log Out button.

POST Certificate Stores Server

Products

Solutions

Resources

Company