POST Certificates Analyze

The POST /Certificates/Analyze method is used to parse a raw binary certificate returned from a CAClosed A certificate authority (CA) is an entity that issues digital certificates. Within Keyfactor Command, a CA may be a Microsoft CA or a Keyfactor gateway to a cloud-based or remote CA. into human-readable list of certificate details. This method returns HTTP 200 OK on a success with a list of the contents of the certificate.

Tip:  The following permissions (see Security Overview) are required to use this feature:

Certificates: Read
OR
Certificates: Import

Table 214: POST Certificates Analyze Input Parameters

Name In Description
Certificate Body

Required. The base-64 encoded PEMClosed A PEM format certificate file is a base64-encoded certificate. Since it's presented in ASCII, you can open it in any text editor. PEM certificates always begin and end with entries like ---- BEGIN CERTIFICATE---- and ----END CERTIFICATE----. PEM certificates can contain a single certificate or a full certifiate chain and may contain a private key. Usually, extensions of .cer and .crt are certificate files with no private key, .key is a separate private key file, and .pem is both a certificate and private key. string of the certificate, not including the header and footer (e.g. -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----).
Password Body The password used to encrypt the private keyClosed Private keys are used in cryptography (symmetric and asymmetric) to encrypt or sign content. In asymmetric cryptography, they are used together in a key pair with a public key. The private or secret key is retained by the key's creator, making it highly secure. of the certificate for a base-64 encoded PEM containing the certificate’s private key (-----BEGIN ENCRYPTED PRIVATE KEY-----).

Table 215: POST Certificates Analyze Response Data

Name Description
IssuedDN A string containing the distinguished name of the certificate.
IssuerDN A string containing the distinguished name of the issuer.
Thumbprint A string containing the thumbprint of the certificate.
NotAfter The date/time, in UTC, on which the certificate expires.
NotBefore The date/time, in UTC, on which the certificate was issued by the certificate authorityClosed A certificate authority (CA) is an entity that issues digital certificates. Within Keyfactor Command, a CA may be a Microsoft CA or a Keyfactor gateway to a cloud-based or remote CA..
MetadataClosed Metadata provides information about a piece of data. It is used to summarize basic information about data, which can make working with the data easier. In the context of Keyfactor Command, the certificate metadata feature allows you to create custom metadata fields that allow you to tag certificates with tracking information about certificates. An array containing the metadata fields populated for the certificate.
IsEndEntity A Boolean indicating whether the certificate is the end entity of the chain (true) or not (false).
Tip:  For code examples, see the Keyfactor API Endpoint Utility. To find the embedded web copy of this utility, click the help icon () at the top of the Keyfactor Command Management Portal page next to the Log Out button.