Private Key
The /files/tls/<id>/privateKey URL provides access to the private key of the specific TLS context. You may verify the size and validity of the current private key or upload a new private key to the device. When uploading (via PUT method), the private key must be specified in PEM format.
In accordance with the best security practices, it is impossible to extract (download) the private key from the device.
URL
/api/v1/files/tls/<id>/privateKey
HTTP Method
GET, PUT
Supported Parameters (for PUT request)
|
Parameter |
Type |
Description |
|---|---|---|
|
password |
String |
(Optional) Password of the private key. Default = <none>. |
HTTP Responses
| ■ | 200 OK |
| ■ | 400 Bad request – provided private key file is incorrect (e.g. not in PEM format or has invalid size). |
| ■ | 409 Conflict – private key can’t be loaded due to current device state (e.g. redundant board is synchronizing). |
Example 1
| ■ | Request: |
GET /api/v1/files/tls/2/privateKey HTTP/1.1 Host: 10.4.219.229
| ■ | Response: |
HTTP/1.1 200 OK
Content-Type: application/json
{
"size": 1024,
"valid": True // as per “Private Key” status in Web
}
Example 2
| ■ | Request: |
PUT /api/v1/files/tls/2/privateKey HTTP/1.1 Host: 10.4.219.229 Content-Type: multipart/form-data; boundary=----WebKitFormBoundary7MA4YWxkTrZu0gW ------WebKitFormBoundary7MA4YWxkTrZu0gW Content-Disposition: form-data; name="file"; filename="key.pem" Content-Type: application/octet-stream -----BEGIN RSA PRIVATE KEY----- zg1X8vSyH/ED929hjGNF1hAxmIVIgdQdGG3kkWnlmI+4X4kLA3TMHPIkYjwaGPhH 2cdpdkm8KXg8H/hzVIaf/qB6QyiL84d/zRtAG8FlfHVaBxkOlSp/kLzHSVT4iD/J ... YxlA9aGrlI+wsk/h80YFO1y6LwYSfgUaFPdJ11sOjz5bpVTpwT5P0DwT4cPfHRnQ 33Hn3pxbYq22t5Q6r2RE8DEMUAN8gVQ6Ec2JYp901NrQhM4GCHm+mw== -----END RSA PRIVATE KEY----- ------WebKitFormBoundary7MA4YWxkTrZu0gW--
| ■ | Response: |
HTTP/1.1 200 OK
Content-Type: application/json
{
"description": "Private key was successfully changed"
}