POST SSHCertificates/Template/Retrieve
Returns information about an SSH CA template.
Requirements
-
Permissions: The caller must have View permission and Read permission to the CA issuance template.
- Token scope: SSH:Manage
Headers
-
Content type: Content-Type:application/json.
- Token: The bearer access token that you received. For example, Authorization:Bearer 4MyGeneratedBearerTknz==. For more information, see Passing a bearer token in your API calls.
Parameters
Name |
Description |
---|---|
DN |
(Optional) The Distinguished Name (DN) of the SSH Certificate Issuance Template. Specify DN, Guid, or both. To get the value from the Platform Policy tree, switch to the Certificate Authority Templates folder. For example: \\VED\\Certificate Authority\\SSH\\Templates\\template_client.
|
Guid |
(Optional) he unique identifier of the template. Specify DN, Guid, or both.. To get the value, open the template. For example: {5ae4cea0-13e0-4698-87b0-12a10361a756}.
|
IncludeCAKeyPairDetails | (Optional) true: Show additional details, including the public key, in CAKeyPair. false: Show only CAKeyPairDN and CAKeyPairGuid. Default is true. |
Returns
Name |
Description |
---|---|
HTTP 200 on Success |
For valid requests, this call returns a HTTP 200 message and the following data in the message body:
|
HTTP 400 |
For invalid parameters or rejected requests, this call returns HTTP 400 Bad Request and the following message body:
|
HTTP 404 |
For requests that contain invalid data, this call returns HTTP 404 Not Found, and the following data in the message body:
|
Example: Determine what type of SSH Certificates a CA can issue
IMPORTANT The correct endpoint name is SSHCertificates, not SSH/Certificates.
Request
POST https://tpp.venafi.example/vedsdk/SSHCertificates/Template/Retrieve { "DN":"\\VED\\Certificate Authority\\SSH\\Templates\\template_host", "Guid":"{44eabcd7-7a56-4beb-8f84-f4c4b39914e8}", "IncludeCAKeyPairDetails":true }
Response
HTTP/1.1 200 OK { "APIClient":{ "AllowedToRequestCertificateIdentifier":true, "AllowedToRequestExtensions":false, "AllowedToRequestForceCommand":false, "AllowedToRequestPrincipals":true, "AllowedToRequestSourceAddresses":false }, "AccessControl":{ "AllowedCertificateIdentifierPatterns":[ ".*" ], "AllowedExtensions":[ "permit-pty", "permit-user-rc", "my-custom-extension" ], "AllowedForceCommandPatterns":[ ".*" ], "AllowedPrincipalsPatterns":[ ".*" ] }, "CAKeyPair":{ "CreatedOn":"2021-06-14T14:35:53.0074237Z", "DN":"\\VED\\Certificate Authority\\SSH\\Key Pairs\\template_host", "FingerprintSHA256":"a4i4PKU2S7qctNOca2YQsBAtQqM0DgTebyYLsKsvvq8", "Guid":"{ab928561-d602-487d-bd6f-144c124e817d}", "KeyAlgorithm":"RSA4096", "Name":"template_host", "PublicKeyData":"ssh-rsa AAAAB3Nz... template_host" }, "CAKeyPairDN":"\\VED\\Certificate Authority\\SSH\\Key Pairs\\template_host", "CAKeyPairGuid":"{ab928561-d602-487d-bd6f-144c124e817d}", "Certificate":{ "AllowedPrivateKeyAlgorithms":[ "RSA2048", "RSA3072", "RSA4096", "ECCP256", "ECCP384", "ECCP521" ], "AllowPrivateKeyReuse":true, "CertificateDestinationDn":"\\VED\\Policy\\My Folder For Certs", "DefaultPrivateKeyAlgorithm":"RSA3072", "SignatureHashingAlgorithm":"SHA512", "Type":"Host", "ValidityPeriod":"365d" }, "Contacts":[ "local:{3b290173-5aa8-423d-a305-8c1d96f706b5}" ], "CreatedOn":"2021-06-14T14:35:52.4883947Z", "DN":"\\VED\\Certificate Authority\\SSH\\Templates\\template_host", "Guid":"{44eabcd7-7a56-4beb-8f84-f4c4b39914e8}", "Name":"template_host", "Response":{ "ErrorMessage":"", "Success":true } }