certificate_policy

Configuration for Venafi certificate policy resource.

Read/write properties

name<String>

Name of the Venafi server configured..

org_unit<String[]>

Organization Unit.

is_key_generation_locked<Boolean>

Indicates if the key generation value is locked in the policy.

policy<String>

Policy folder path which determines the certificate attributes..

csr_generation<String>

CSR generation.Possible values: ServiceGenerated, UserGenerated.

state<String>

State.

key_value<String>

Key strength if algorithm is RSA. EllipticCurve ,if the algorithm is ECC .

subjaltname_ip_allowed<Boolean>

Indicates if IP subject alternative names allowed.

tp_renewal<Boolean>

set to True, if automatic renewal is enabled in Venafi.

subjaltname_uri_allowed<Boolean>

Indicates if URI subject alternative names allowed.

keypair_algorithm<String>

Algorithm for generating the key. Possible values: ECC, RSA.

subjaltname_dns_allowed<Boolean>

Indicates if DNS subject alternative names allowed.

is_city_locked<Boolean>

Indicates if the city value is locked.

is_csr_generation_locked<Boolean>

Indicates if the CsrGeneration value is locked in the policy.

management_type<String>

Management Type.

tp_renewal_locked<Boolean>

Indicates if TpRenewal is locked.

is_org_locked<Boolean>

Indicates if the organization value is locked.

country<String>

country.

is_management_type_locked<Boolean>

Indicates if management type is locked.

is_org_unit_locked<Boolean>

Indicates if the organization unit value is locked.

is_country_locked<Boolean>

Indicates if the country value is locked.

wildcards_allowed<Boolean>

Indicates if wild cards is allowed.

subjaltname_upn_allowed<Boolean>

Indicates if UPN subject alternative names allowed.

is_state_locked<Boolean>

Indicates if the state value is locked.

is_key_value_locked<Boolean>

Indicates if the algorithm property value is locked in the policy.

is_ca_locked<Boolean>

Indicates if the CA value is locked in the policy.

key_generation<String>

Key generation value.

is_keypair_algorithm_locked<Boolean>

Indicates if the key pair algorithm value is locked in the policy.

org<String>

Organization.

subjaltname_email_allowed<Boolean>

Indicates if Email subject alternative names allowed.

ca<String>

Certificate Authority.

city<String>

city.

Operations

NOTE: In request payload, Mandatory parameters are marked red and bold.

The following parameters can be used in the nitro request :

onerror   <String_value>

Use this parameter to set the onerror status for nitro request. Applicable only for bulk requests.
Default value: EXIT
Possible values = EXIT, CONTINUE

get (all)

get (all)

URL:https://<MGMT-IP>/nitro/v2/config/certificate_policy

Query-parameters:

filter

https://<MGMT-IP>/nitro/v2/config/certificate_policy?filter=property-name1:property-value1,property-name2:property-value2

Use this query-parameter to get the filtered set of certificate_policy resources configured on the system. You can set a filter on any property of the resource.

pagesize=#no&pageno=#no

https://<MGMT-IP>/nitro/v2/config/certificate_policy?pagesize=#no&pageno=#no

Use this query-parameter to get the certificate_policy resources in chunks.

count

https://<MGMT-IP>/nitro/v2/config/certificate_policy?count=yes

Use this query-parameter to get the count of certificate_policy resources.

HTTPS Method:GET

Request Headers:

Accept:application/json

X-NITRO-USER:username_value<String>

X-NITRO-PASS:password_value<String>

or

Cookie:NITRO_AUTH_TOKEN=token_value<String>

Response:

HTTPS Status Code on Success: 200 OK HTTPS Status Code on Failure: 4xx (for general HTTPS errors) or 5xx (for NetScaler-MAS-specific errors). The response payload provides details of the error

Response Headers:

Content-Type:application/json

Response Payload:JSON

{ "errorcode": 0, "message": "Done", "severity": <String_value>, "certificate_policy":[{
      "name":<String_value>,
      "org_unit":<String_value>,
      "is_key_generation_locked":<Boolean_value>,
      "policy":<String_value>,
      "csr_generation":<String_value>,
      "state":<String_value>,
      "key_value":<String_value>,
      "subjaltname_ip_allowed":<Boolean_value>,
      "tp_renewal":<Boolean_value>,
      "subjaltname_uri_allowed":<Boolean_value>,
      "keypair_algorithm":<String_value>,
      "subjaltname_dns_allowed":<Boolean_value>,
      "is_city_locked":<Boolean_value>,
      "is_csr_generation_locked":<Boolean_value>,
      "management_type":<String_value>,
      "tp_renewal_locked":<Boolean_value>,
      "is_org_locked":<Boolean_value>,
      "country":<String_value>,
      "is_management_type_locked":<Boolean_value>,
      "is_org_unit_locked":<Boolean_value>,
      "is_country_locked":<Boolean_value>,
      "wildcards_allowed":<Boolean_value>,
      "subjaltname_upn_allowed":<Boolean_value>,
      "is_state_locked":<Boolean_value>,
      "is_key_value_locked":<Boolean_value>,
      "is_ca_locked":<Boolean_value>,
      "key_generation":<String_value>,
      "is_keypair_algorithm_locked":<Boolean_value>,
      "org":<String_value>,
      "subjaltname_email_allowed":<Boolean_value>,
      "ca":<String_value>,
      "city":<String_value>}]}