Catalog.SSL.CertificateAuthorities

URI: http://soap.zeus.com/zxtm/1.1/Catalog/SSL/CertificateAuthorities/

The Catalog.SSL.CertificateAuthorities interface allows management of the SSL Certificate Authorities that are used to authenticate back-end nodes when SSL encryption is in use.

Methods

deleteCertificateAuthority( names ) throws ObjectDoesNotExist

Delete the named Certificate Authority and associated Revocation list.

void deleteCertificateAuthority(
    String[] names
)

getCertificateAuthorityInfo( names ) throws ObjectDoesNotExist

Get the certificate information and the list of revoked certificates for the named Certificate Authorities.

Catalog.SSL.CertificateAuthorities.Details[] getCertificateAuthorityInfo(
    String[] names
)

getCertificateAuthorityNames()

Get the names of the configured Certificate Authorities.

String[] getCertificateAuthorityNames()

getRawCertificate( names ) throws ObjectDoesNotExist

Get the raw PEM encoded Certificate for the named Certificate Authorities.

String[] getRawCertificate(
    String[] names
)

importCRL( crls ) throws InvalidInput, ObjectDoesNotExist

Import Certificate Revocation Lists. The associated Certificate Authority certificates should already be imported.

void importCRL(
    String[] crls
)

importCertificateAuthority( names, certs ) throws InvalidObjectName, ObjectAlreadyExists, InvalidInput

Import new Certificate Authorities.

void importCertificateAuthority(
    String[] names
    String[] certs
)

renameCertificateAuthority( names, new_names ) throws InvalidObjectName, ObjectDoesNotExist, ObjectAlreadyExists, InvalidOperation

Rename the named Certificate Authorities.

void renameCertificateAuthority(
    String[] names
    String[] new_names
)

Structures

Catalog.SSL.CertificateAuthorities.CRL

This structure contains the information about a Certificate Revocation List.

struct Catalog.SSL.CertificateAuthorities.CRL {
    # The time when the CRL was updated
    Time update;

    # The time that the CRL will next be updated.
    Time next_update;

    # The list of revoked certificates
    Catalog.SSL.CertificateAuthorities.RevokedCert[] revoked_certs;
}

Catalog.SSL.CertificateAuthorities.Details

This structure contains the information about a Certificate Authority. It contains both the Certificate, and the list of revoked Certificates contained in the associated CRL.

struct Catalog.SSL.CertificateAuthorities.Details {
    # The Certificate Authority certificate
    Certificate certificate;

    # If set to 'true' then there is an associated CRL, otherwise the CRL
    # structure contains no useful information
    Boolean have_crl;

    # The associated CRL.
    Catalog.SSL.CertificateAuthorities.CRL crl;
}

Catalog.SSL.CertificateAuthorities.RevokedCert

This structure contains the information about a revoked Certificate.

struct Catalog.SSL.CertificateAuthorities.RevokedCert {
    # The serial number of the revoked certificate
    String serial;

    # The time that the certificate was revoked
    Time revocation_date;
}
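The following is an added example, not part of the original reference or the product's own code: it audits records shaped like the Details structures returned by getCertificateAuthorityInfo, checking have_crl before reading crl and flagging expired or soon-to-expire CA certificates and stale CRLs. It assumes the results have been deserialized into Python dicts keyed by the field names above, that Time values arrive as timezone-aware datetime objects, and that serials compare case-insensitively; the CA names, dates and serial are constructed sample data.

```python
from datetime import datetime, timedelta, timezone

def audit_ca(details, now, warn=timedelta(days=30)):
    """Return findings for one Details record (dict form, assumed layout)."""
    findings = []
    valid_to = details["certificate"]["valid_to"]
    if valid_to <= now:
        findings.append("CA certificate expired")
    elif valid_to - now <= warn:
        findings.append("CA certificate expires within warning window")
    # Check have_crl first: when it is false the crl member holds no
    # useful information and must not be interpreted.
    if not details["have_crl"]:
        return findings + ["no CRL imported"]
    if details["crl"]["next_update"] <= now:
        findings.append("CRL stale: next_update has passed")
    return findings

def is_revoked(details, serial):
    """True if serial is in the CA's CRL (assumed case-insensitive match)."""
    if not details["have_crl"]:
        return False
    listed = {r["serial"].lower() for r in details["crl"]["revoked_certs"]}
    return serial.lower() in listed

def utc(y, m, d):
    return datetime(y, m, d, tzinfo=timezone.utc)

def make_details(valid_to, crl=None):
    # Hypothetical helper: builds a constructed record; crl=None => have_crl false.
    return {"certificate": {"valid_to": valid_to}, "have_crl": crl is not None,
            "crl": crl or {}}

# Constructed sample data shaped like getCertificateAuthorityInfo() results.
NOW = utc(2024, 6, 1)
SAMPLE = {
    "internal-root": make_details(utc(2030, 1, 1), {"next_update": utc(2024, 6, 25),
        "revoked_certs": [{"serial": "0A1B", "revocation_date": utc(2024, 5, 1)}]}),
    "legacy-ca": make_details(utc(2024, 6, 15)),
    "partner-ca": make_details(utc(2024, 1, 1), {"next_update": utc(2024, 4, 1),
        "revoked_certs": []}),
}

def audit_all(records=SAMPLE, now=NOW):
    return {name: audit_ca(d, now) for name, d in records.items()}

if __name__ == "__main__":
    for name, findings in audit_all().items():
        print(name, findings or ["ok"])
```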

Certificate

This structure contains information (such as the subject and issuer) about a certificate.

struct Certificate {
    # The version of the X509 Certificate
    Integer version;

    # The serial number of the Certificate
    String serial;

    # The issuer (i.e. who signed it) of the Certificate
    X509Name issuer;

    # The subject (i.e. who it is for) of the Certificate
    X509Name subject;

    # The time the certificate is valid from.
    Time valid_from;

    # The time the certificate is valid to.
    Time valid_to;

    # The type of key used in the certificate.
    String key_type;

    # The DSA public key 'y' used in the certificate.
    String y;

    # The first coordinate of the public key Q for an ECDSA key used in the
    # certificate.
    String Q_x;

    # The second coordinate of the public key Q for an ECDSA key used in the
    # certificate.
    String Q_y;

    # The name of the curve used by the ECDSA key used in the certificate.
    String curve;

    # The RSA modulus of the certificate.
    String modulus;

    # The RSA exponent of the certificate.
    String exponent;

    # Whether the certificate is self-signed (i.e. the issuer is the same as the
    # subject)
    Boolean self_signed;
}

CertificateFiles

This structure contains a public certificate and private key. It is used when importing certificates into the traffic manager.

struct CertificateFiles {
    # The PEM-encoded public certificate (containing the BEGIN CERTIFICATE and
    # END CERTIFICATE tags)
    String public_cert;

    # The PEM-encoded private key (containing the BEGIN RSA PRIVATE KEY and END
    # RSA PRIVATE KEY tags)
    String private_key;
}

X509Name

This structure contains a representation of an X509 Name object. These are used inside Certificate objects to represent the issuer and subject of the certificate.

struct X509Name {
    # The common name (CN). This is usually the name of the site the certificate
    # is issued to (e.g. "secure.example.com")
    String common_name;

    # The two-letter country code.
    String country;

    # The location (town or city).
    String location;

    # The state. This is only needed if the country is 'US'.
    String state;

    # The name of the organization
    String organization;

    # The unit inside the organization
    String unit;

    # An email address. This is usually empty.
    String email;
}