Certificates Recover
The Recover method allows a user to recover an archived private key
Private keys are used in cryptography (symmetric and asymmetric) to encrypt or sign content. In asymmetric cryptography, they are used together in a key pair with a public key. The private or secret key is retained by the key's creator, making it highly secure. for an issued certificate. For recovery to succeed, the CA A certificate authority (CA) is an entity that issues digital certificates. Within Keyfactor Command, a CA may be a Microsoft CA or a Keyfactor gateway to a cloud-based or remote CA. that issued the certificate must have been configured to archive the private key, and the Key Recovery Agent certificate must be imported into the personal certificate store of the Keyfactor Command API A set of functions to allow creation of applications. Keyfactor offers the Keyfactor API, which allows third-party software to integrate with the advanced certificate enrollment and management features of Keyfactor Command. IIS Application Pool's user account on the Keyfactor Command API server. If successful, the method will return the certificate and recovered private key as a base64-encoded PFX A PFX file (personal information exchange format), also known as a PKCS#12 archive, is a single, password-protected certificate archive that contains both the public and matching private key and, optionally, the certificate chain. It is a common format for Windows servers. file. On error, an appropriate HTTP status code and message will be returned. See Configuring Key Recovery for Keyfactor Command in the Keyfactor Command Reference Guide for information about configuring key recovery.
Table 690: POST /3/Recover Request Body
|
Parameter Name |
Parameter Value |
||||
|---|---|---|---|---|---|
|
Lookup |
Description of the certificate to be renewed. See Table 668: Classic API Certificate Lookup Structure. |
||||
|
Details |
Information to complete the recovery operation. This contains just a single field:
|
Example Request
POST http://<host>/CMSApi/Certificates/3/Recover HTTP/1.1
{
"Lookup" : {"Type" : "CMSID", "CMSID" : 248852},
"Details": {"Password": "MyPassword1234"}
}
Example Response
{
"pfx" : "<PEM-encoded pfx>"
}
