POST Certificates/Push
Provisions the same certificate and private key to one or more devices or servers. The certificate must be associated with one or more Application objects. If the certificate and private key already exist on the target server or device, the Push operation replaces the existing certificate and private key.
DID YOU KNOW? Certificates/Push operates in the same way as the Push button on the Application object Settings tab.
Prerequisites
The Certificate DN, also known as a Certificate object, requires:
- A device or server certificate with a Management Type of Provisioning.
- A private key.
- Not in an error or processing state. The Certificate DN has a stage of 0 or 800.
The Application DN, also known as an Application object, requires:
- Association with a certificate. To set the Associated Applications, use the UI or call POST Certificates/Associate.
- An enabled status. For example, the Processing Disabled checkbox is cleared.
- Not in an error or processing state. The Application DN has a stage of 0 or 1200.
Requirements
- Permissions:
The caller must have:
- Read permission and Write permission to the Certificate object.
- Write permission and Associate permission to relevant Application objects.
- Token scope: Certificate:Manage
Headers
-
Content type: Content-Type:application/json.
- Token: The bearer access token that you received. For example, Authorization:Bearer 4MyGeneratedBearerTknz==. For more information, see Passing a bearer token in your API calls.
Parameters
- To provision via a set of Application DNs that are associated with a certificate, specify ApplicationDN and set PushToAll to false.
- To provision via all Application DNs that are associated with a certificate, omit ApplicationDN and set PushToAll to true.
Name |
Description |
---|---|
ApplicationDN |
(Optional) If you want to use every Application DN that is associated with the certificate, omit this value. An array of one or more Application objects, specified by their distinguished names, that uniquely identify them in the Venafi platform. Each Application DN is associated with the certificate. |
CertificateDN |
The Distinguished Name (DN) of the certificate. |
PushToAll |
Specify how to push provision:
|
Returns
Name |
Description |
---|---|
HTTP 200 |
For valid requests, this call returns a HTTP 200 message and true when provisioning initiates. |
HTTP 400 |
For invalid requests, this call returns a HTTP 400 BadRequest and the following data in the message body: Error: Returns an error message for bad parameters, data, or syntax:
|
Example: Push Provision one certificate to set of Application objects
Request
POST https://tpp.venafi.example/vedsdk/Certificates/Push Authorization:Bearer 4MyGeneratedBearerTknz== { "CertificateDN":"\\VED\\Policy\\Certificates\\Lab4DeviceCert", "ApplicationDN":[ "\\VED\\Policy\\Devices\\Cisco Router ISR 1900\\BlueCoatAO", "\\VED\\Policy\\Devices\\WebServer91\\ApacheAO" ], "PushToAll":"false" }
Response
HTTP/1.1 200 OK { "Success":true }