PUT Certificates/{guid}
Sets or clears one or more Config attributes of a X.509 certificate. For example, PUT Certificates/{guid} can use the special Disabled attribute to retire or reactivate a certificate.
If a policy is in effect for the attribute:
- Trust Protection Platform enforces the policy. To find policy information, call POST Config/FindPolicy.
- A warning occurs.
- The attribute remains unchanged.
Requirements
- Permissions: The caller must have View permission and Write permission to the Certificate object.
- Token scope: Certificate:Manage
Headers
-
Content type: Content-Type:application/json.
- Token: The bearer access token that you received. For example, Authorization:Bearer 4MyGeneratedBearerTknz==. For more information, see Passing a bearer token in your API calls.
Parameters
Name |
Description |
---|---|
{guid} |
Specify this parameter as part of the URL. A GUID that uniquely identifies a Certificate object. To get the GUID, call POST Config/DnToGuid or in the Policy tree, use the X509 User Certificate value that appears on the Support Attributes tab. Enclose the GUID in curly braces. For example, {724a3db3-8855-4ea9-986f-519f0c571148}.
|
AttributeData |
Specify this parameter as part of the JSON body. An array of Name and Value config attributes to change for the certificate. To clear every attribute value, specify null rather than an array of strings. For example: value:null.
|
Returns
Name |
Description |
---|---|
HTTP 200 |
For valid requests, this call returns a HTTP 200 message and the following data in the message body:
|
HTTP 400 |
For invalid requests, this call returns a HTTP 400 BadRequest and the following data in the message body:
|
Example 1: Change the city and state, clear email address on a certificate
Request for Example 1
PUT https://tpp.venafi.example/vedsdk/Certificates/{724a3db3-8855-4ea9-986f-519f0c571148} Authorization:Bearer 4MyGeneratedBearerTknz== { "AttributeData":[ { "Name":"City", "Value":[ "Seattle" ] }, { "Name":"State", "Value":[ "WA" ] }, { "Name":"X509 SubjectAltName RFC822", "Value":null } ] }
Response Example 1
HTTP/1.1 200 OK { "Success":true }
Example 2: Disable or retire a certificate
The following example shows you how to disable or retire a certificate. The certificate status remains disabled until you clear the Processing Disabled checkbox in the UI or all PUT Certificates/{guid} with a Disabled value of 0.
Request for Example 2
PUT https://tpp.venafi.example/vedsdk/Certificates/{724a3db3-8855-4ea9-986f-519f0c571148} Authorization:Bearer 4MyGeneratedBearerTknz== { "AttributeData":[ { "Name":"Description", "Value":[ "This certificate was retired on 2019-Oct-25" ] }, { "Name":"Disabled", "Value":[ "1" ] } ] }
Response for Example 2
HTTP/1.1 200 OK { "Success":true }