Example 4: Certificate credential

This example shows you how to call POST Credentials/Create. The certificate and password are both passed in the Certificate parameter as a Base64 encoded PKCS#12. The contents is only accessible when the matching password is specified in the Password parameter.

You can use this example to create credentials for these CAs: 

  • Adaptable CA: Requires at least one of these credentials: UsernamePassword, Password, OR  Certificate.
  • Entrust CA Gateway:
  • Entrust Certificate Services: Requires both Certificate and UsernamePassword credentials.
  • HID PKIaaS CA
  • OpenTrust Enterprise PKI Client
  • Red Hat, RSA
  • UniCERT

TIP  Know your CA's requirements for credentials. Remember that you are adding credentials as is. Always validate the Credential object. The best way to check is to create a CA Template in the UI and apply your credential. If an error occurs, correct the credential, and retry.

The Values array needs these elements:

  • Name: Certificate, Type:byte[], and Value that is the certificate.
  • Name: Password, Type:string, and Value that is the private key password.

Example: Create a Certificate Credential

Request

POST https://tpp.venafi.example/vedsdk/Credentials/Create
Authorization:Bearer 4MyGeneratedBearerTknz==
{
   "CredentialPath":"\\VED\\Policy\\Top Level\\MyUsernameCred4",
   "FriendlyName":"Certificate",
   "Expiration":"\/Date(1716122248657)\/",
   "Values":[
      {
         "Name":"Certificate",
         "Type":"byte[]",
         "Value":"MIIFcAIBAz..."
      },
      {
         "Name":"Password",
         "Type":"string",
         "Value":"Str0ngP@ssw0rd!"
      }
   ]
}

Response

HTTP/1.1 200 OK
{
   "Result":1
}