POST Certificate Authority Test

The POST /CertificateAuthority/Test method is used to validate that a connection can be made to the certificate authorityClosed A certificate authority (CA) is an entity that issues digital certificates. Within Keyfactor Command, a CA may be a Microsoft CA or a Keyfactor gateway to a cloud-based or remote CA. with the provided information. This method returns HTTP 200 OK on a success with details for the success or failure of the CAClosed A certificate authority (CA) is an entity that issues digital certificates. Within Keyfactor Command, a CA may be a Microsoft CA or a Keyfactor gateway to a cloud-based or remote CA. validation.

Tip:  The following permissions (see Security Overview) are required to use this feature:

PkiManagement: Read

Table 233: POST Certificate Authority Test Input Parameters

Name In Description
LogicalName Body Required. A string indicating the logical name of the certificate authority.
HostName Body Required. A string indicating the DNS hostname (for DCOM configurations) or URL (for HTTPS configurations) of the certificate authority (e.g. myca.keyexample.com or https://myca.keyexample.com).
ConfigurationTenant Body

Required*. A string indicating the forest root name or DNS domain name for the certificate authority (e.g. keyexample.com).

This parameter is required for Microsoft CAs.
AuthCertificatePassword Body

Required*. An array indicating the password for the PKCS#12 client certificate to use to authenticate to the EJBCA CA. The password is provided in the following format:

{
   "SecretValue": "MySuperSecretPassword"
}

This parameter is required for EJBCA CAs.
AuthCertificate Body

Required*. An array containing the base-64 encoded PKCS#12 client certificate used to provide authentication to the EJBCA CA. This certificate is used to authenticate to the EJBCA database for synchronization, enrollment and management of certificates. The certificate is provided in the following format:

{
   "SecretValue": "MIACAQMwgAY ... CAwGQAAAA"
}

This parameter is required for EJBCA CAs.
CAType Body

An integer indicating the type of CA:

  • 0—DCOM

    Use this option for Microsoft CAs and CA gateways.

  • 1—HTTPS

    Use this option for EJBCA CAs.

The default is 0.

Table 234: POST Certificate Authority Test Response Data

Name Description
Success A Boolean that indicates whether the CA could successfully be reached (True) or not (False).
Message A string indicating a message about the validation test of the certificate authority.
Tip:  For code examples, see the Keyfactor API Endpoint Utility. To find the embedded web copy of this utility, click the help icon () at the top of the Keyfactor Command Management Portal page next to the Log Out button.