POST /rest/containers/{container_key}/listeners/{listener_name}/pki/assign

Assigns PKI keys from an external keystore to the container's inbound listener by associating the keystore alias and password with the key.

Authorization Roles/Permissions: System administrator only. Include Base64-encoded username and password, separated by a colon in the Authorization header.

This topic includes the following sections:

HTTP Method

POST

URL

https://{hostname}/rest/containers/{container_key}/listeners/{listener_name}/pki/assign

Sample Request

The following example shows assigning the PKI keys to a container's inbound listener.

Sample Request URL

https://{hostname}/rest/containers/eapnd-hsm2/listeners/default-https/pki/assign

Sample request headers

Accept-Encoding: gzip,deflate
Accept: application/json
Content-Type: application/json				
Content-Length: 83				
Host: {hostname}				
Connection: Keep-Alive								
Authorization: Basic YWRtaW5pc3RyYXRvcjpwYXNzd29yZA==								

Sample request body

In the request body, the password is optional.

{
  "alias" : "eapnd-cloudhsm-listener-1",
  "password" : "password"
}

Request Headers

For general information on request header values, refer to HTTP Request Headers.

Header Description
Accept application/json
Content-Type application/json
Authorization Basic <Base64-encoded username and password, separated by a colon>

Request Parameters

Parameter Parm Type Data Type Required Description
key Path String Required The container identity to which the PKIs is assigned.
listener Path String Required The listener to which the PKIs is assigned.
alias Body String Required The alias of the PKI keys from the external keystore.
password Body String Optional The password for the PKI key.

Response

If successful, this operation returns HTTP status code 200 with information about the PKI keys and certificates.

Sample Response

The sample response shows successful completion of this operation.

Sample response headers: application/json

Transfer-Encoding: chunked
status: 200 OK
Date: Mon, 18 Mar 2023 05:52:03 GMT
Content-Type: application/json

Sample response body: application/json

{
  "privateKeyExists":true,
  "publicKey":"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAylhqsMrK0/AtEvKbspPXlV1SsL7UCfB43sJ5/S/uUnlATK9Xvkuduz8HTIyfsDa98hGCUG130T+WHhFJeMCWClO9qdkIZC/YHbC6g4DisL59ltyjbvAMpNSJGaMBOyJAdt6cuI3YgrLawCrVYLwQ6hANkQUsxQGtAKMdJA/Z7Ko5gUZ/CShpCbaIdj2Srk1enACZzY8HGi1k1Jn419EC5AbtNrrn6YCOXrrJeahCA+jjLXttZtXCPLK/knm+xOGtAo/Q9oDtzXWheNZ0hOv9HYBkE0WNsLgjx5r6kBN8pRg8cYmoP0J4VQUme7nBFDv451yIGQfqS17s6rTzoUYH/QIDAQAB",
  "certificateInfo":{
    "subjectDN": "CN=eapnd-cloudhsm-listener-1.aws.akana.roguewave.com, OU=AKANA, O=PERFORCE, L=PARKER, ST=CO, C=US",
    "issuerDN": "CN=eapnd-cloudhsm-listener-1.aws.akana.roguewave.com, OU=AKANA, O=PERFORCE, L=PARKER, ST=CO, C=US",
    "serialNo": "340387952",
    "effectiveDate": 1675942266000,
    "expirationDate": 1707046266000
  }
}

Response Headers

For general information on response header values, refer to HTTP Response Headers.

Header Description
Content-Type application/json

Response Body

Name Type Description
PrivateKeyExists PKIInfo Indicates whether private key is assigned to a listener.
PublicKey PKIInfo Contains information about the public key that is assigned to the listener.
CertificateInfo CertificateInfo Contains information about the certificate assigned to the container.

Error Codes/Messages

If the call is unsuccessful an error code/message is returned. One or more examples of possible errors for this operation are shown below.

Item Value
401 Unauthorized. For example, you would get this response if you did not include an authorization token in the header or if you included an invalid or expired token value for this header.
500 An error occurred while processing the call. For example, wrong parameters were sent in the request.

More information about Akana API Platform API error messages.