Example 4: Certificate credential

This example shows you how to call POST Credentials/Create. The certificate and password are both passed in the Certificate parameter as a Base64 encoded PKCS#12. The contents is only accessible when the matching password is specified in the Password parameter.

You can use this example to create credentials for these CAs: 

  • Adaptable CA: Requires at least one of these credentials: UsernamePassword, Password, OR  Certificate.
  • Entrust CA Gateway:
  • Entrust Certificate Services: Requires both Certificate and UsernamePassword credentials.
  • HydrantID CA
  • OpenTrust Enterprise PKI Client

TIP  Know your CA's requirements for credentials. Remember that you are adding credentials as is. Always validate the Credential object. The best way to check is to create a CA Template in the UI and apply your credential. If an error occurs, correct the credential, and retry.

The Values array needs these elements:

  • Name: Certificate, Type:byte[], and Value that is the certificate.
  • Name: Password, Type:string, and Value that is the private key password.

Example: Create a Certificate Credential

Request

POST https://tpp.venafi.example/vedsdk/Credentials/Create
Authorization:Bearer 4MyGeneratedBearerTknz==
{
   "CredentialPath":"\\VED\\Policy\\Top Level\\MyUsernameCred4",
   "FriendlyName":"Certificate",
   "Expiration":"\/Date(1716122248657)\/",
   "Values":[
      {
         "Name":"Certificate",
         "Type":"byte[]",
         "Value":"MIIFcAIBAz..."
      },
      {
         "Name":"Password",
         "Type":"string",
         "Value":"Str0ngP@ssw0rd!"
      }
   ]
}

Response

HTTP/1.1 200 OK
{
   "Result":1
}