Trusted Root Certificates
The /files/tls/<id>/trustedRoot URL provides access to the trusted root store of the specific TLS context. You may download the current content of the store (multiple trusted root certificates) or upload the new content of the store. When uploading (via PUT method), certificates must be specified in PEM format. Mutiple certficates may be specified one after another.
This API uploads and downloads complete trusted root store (that may contain multiple certificates). If you need to modify trusted root store by uploading an additional trusted root certificate – use trustedRoot/incremental API instead as described in Add Certificate to Trusted Root Store.
URL
/api/v1/files/tls/<id>/trustedRoot
HTTP Method
GET, PUT
Supported Responses
| ■ | 200 OK |
| ■ | 400 Bad request – provided certificate file is wrong (e.g. not in PEM format) |
| ■ | 409 Conflict – private key can’t be loaded due to current device state (e.g. redundant board is synchronizing). |
Example 1
| ■ | Request: |
GET /api/v1/files/tls/2/trustedRoot HTTP/1.1 Host: 10.4.219.229
| ■ | Response: |
HTTP/1.1 200 OK Content-Type: application/octet-stream -----BEGIN CERTIFICATE----- MIIC7jCCAdagAwIBAgIBBjANBgkqhkiG9w0BAQUFADAgMQwwCgYDVQQKEwNBQ0wx EDAOBgNVBAMUB0NBXzI0MzkwHhcNMDAwMTAxMDAwMDAwWhcNMzAwMTAxMDAwMDAw ... kedoijcGdGJ9xA0bZa/lFqQQWPnKn735B5d5yjGPStHrh4QgtMaK6x3RmMnuPjoo nK4zC2nJLBYcTpJUlAQvEFsoiLaBmyJl0wNF8HY3IgcT8g== -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIC7jCCAdagAwIBAgIBBTANBgkqhkiG9w0BAQUFADAgMQwwCgYDVQQKEwNBQ0wx EDAOBgNVBAMUB0NBXzI0MzkwHhcNMDAwMTAxMDAwMDAwWhcNMzAwMTAxMDAwMDAw ... 3PTmpOih9jPFd69pjzg0zDef8E3JsmYfQUHiokwnkcpC6od8WRu4JMnE9jQ4cARi apkJGofjnELCq4ym/JjskqMSBhNpBUz93/xxZlf25K1XIQ== -----END CERTIFICATE-----
Example 2
| ■ | Request: |
PUT /api/v1/files/tls/2/trustedRoot HTTP/1.1 Host: 10.4.219.229 Content-Type: multipart/form-data; boundary=----WebKitFormBoundary7MA4YWxkTrZu0gW ------WebKitFormBoundary7MA4YWxkTrZu0gW Content-Disposition: form-data; name="file"; filename="trust.pem" Content-Type: application/octet-stream -----BEGIN CERTIFICATE----- MIIC7jCCAdagAwIBAgIBBjANBgkqhkiG9w0BAQUFADAgMQwwCgYDVQQKEwNBQ0wx EDAOBgNVBAMUB0NBXzI0MzkwHhcNMDAwMTAxMDAwMDAwWhcNMzAwMTAxMDAwMDAw ... kedoijcGdGJ9xA0bZa/lFqQQWPnKn735B5d5yjGPStHrh4QgtMaK6x3RmMnuPjoo nK4zC2nJLBYcTpJUlAQvEFsoiLaBmyJl0wNF8HY3IgcT8g== -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIC7jCCAdagAwIBAgIBBTANBgkqhkiG9w0BAQUFADAgMQwwCgYDVQQKEwNBQ0wx EDAOBgNVBAMUB0NBXzI0MzkwHhcNMDAwMTAxMDAwMDAwWhcNMzAwMTAxMDAwMDAw ... 3PTmpOih9jPFd69pjzg0zDef8E3JsmYfQUHiokwnkcpC6od8WRu4JMnE9jQ4cARi apkJGofjnELCq4ym/JjskqMSBhNpBUz93/xxZlf25K1XIQ== -----END CERTIFICATE----- ------WebKitFormBoundary7MA4YWxkTrZu0gW--
| ■ | Response: |
HTTP/1.1 200 OK
Content-Type: application/json
{
"description": "Trusted root store was successfully changed"
}