Partner certificates (REST API)

images/download/thumbnails/135168154/image2020-3-12_14-40-21-version-1-modificationdate-1679977230807-api-v2.png

You can add and revoke partner certificates via HTTP. For security reasons, you cannot import local certificates. In addition, partner certificates and local certificates can be downloaded.

Logs for requests of this kind can be found in the Control Center under Logs/Server Logs/internal / message.log .

Adding certificate


URL (HTTP POST with JSON):

http(s)://<IP or URL of Integration Server>/dw/auth/v1/certificate


JSON:

{
"operation": "add",
"id": 0,
"relation": "My partner",
"commonName": "",
"certificate": MIIDXDCCAkSgAwIBAgIGAXdnKI1FMA0GCSqGSIb3DQEBCwUAMEExDTALBgNVBAMMBHRlc3QxDTALBgNVBAoMBHRlc3QxCzAJBgNVBAYTAmRlMRQwEgYKCZImiZPyLGQBGRYEdGVzdDAeFw0yMTAyMDIyMzAwMDBaFw00MTAyMDIyMzAwMDBaMEExDTALBgNVBAMMBHRlc3QxDTALBgNVBAoMBHRlc3QxCzAJBgNVBAYTAmRlMRQwEgYKCZImiZPyLGQBGRYEdGVzdDCCASAwCwYJKoZIhvcNAQEKA4IBDwAwggEKAoIBAQC7mwTRTO6ckaF1paQ/0fmEfX4Ue1BgTXlOUNSbfX+xY6yi+AQsboajcsth3hdrga6utEEwWNh89ya/KZiVZsF6m/R8xuEu+vXG3KfENhSI12bgvQSN7qOVFitRrQ4c4AM0hWxnRgVTdUgPwabDxuUBYbC1Q42JWbEiMWJjboJX736sifLfbJODO/wrV5ErIv8Y+r1ez7vktkaLzTPZ4iqaeozohj3vWf5YD958ASv4gJIZTgkES+A5eyA4oqTTurgW4WItZRHjdTgbHaxLuZrwG64DchaCBsiPVi6sxRkWnOibVSUw3ItVK7CjjBQIj+d4T0ZAD4243WGHwhu6ylJPAgMBAAGjXDBaMCkGA1UdDgQiBCBXPK15NyhJrNLkiK06/b2t3buAJORzFuMAdt9kGB6IaTAOBgNVHQ8BAf8EBAMCBLAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMA0GCSqGSIb3DQEBCwUAA4IBAQBDxNnzt3hKJHSXDthQC4W7jCFTeSdCRHM7wCoyF2Lv4onUnKFkTznjVfNfBpYfHgRRD0ioZOQUs7LShicxn4sz2yyHWNQbrnwPoWnUn516QS8L1l46BgcF12/7nfy25lK3QgGwprZg9wu64x1Mlcefb7+rFKT+4cl6+zCedSL00vdKUJMJZ2f0EhABHrjfDLvFjFmROBzmxL66OkVHwiL7uk70t0CYV+Y54J0UobTOuUR+Oxv3JvO6A0GYJJaOw2MLfJRHBmqj/e6bpGzpRttTfpyBZ3+jaSAcaLEH7QKgcGU8pvQ77v1+O/3ucLKYfgKn67guHC1lfNbfLzKoMFKl"
}

You can either specify "0" for the "id" or omit the line altogether, since the ID of the partner certificate is first generated during this operation.

Anything that the upload dialogue in the GUI accepts (" . pem" and ". cer") is accepted in parameter "certificate" (but has to be encoded with Base64).

Example:

Assume the following .pem certificate (which is already encoded in Base64).


-----BEGIN CERTIFICATE-----
MIIDXDCCAkSgAwIBAgIGAXdnKI1FMA0GCSqGSIb3DQEBCwUAMEExDTALBgNVBAMM
BHRlc3QxDTALBgNVBAoMBHRlc3QxCzAJBgNVBAYTAmRlMRQwEgYKCZImiZPyLGQB
GRYEdGVzdDAeFw0yMTAyMDIyMzAwMDBaFw00MTAyMDIyMzAwMDBaMEExDTALBgNV
BAMMBHRlc3QxDTALBgNVBAoMBHRlc3QxCzAJBgNVBAYTAmRlMRQwEgYKCZImiZPy
LGQBGRYEdGVzdDCCASAwCwYJKoZIhvcNAQEKA4IBDwAwggEKAoIBAQC7mwTRTO6c
kaF1paQ/0fmEfX4Ue1BgTXlOUNSbfX+xY6yi+AQsboajcsth3hdrga6utEEwWNh8
9ya/KZiVZsF6m/R8xuEu+vXG3KfENhSI12bgvQSN7qOVFitRrQ4c4AM0hWxnRgVT
dUgPwabDxuUBYbC1Q42JWbEiMWJjboJX736sifLfbJODO/wrV5ErIv8Y+r1ez7vk
tkaLzTPZ4iqaeozohj3vWf5YD958ASv4gJIZTgkES+A5eyA4oqTTurgW4WItZRHj
dTgbHaxLuZrwG64DchaCBsiPVi6sxRkWnOibVSUw3ItVK7CjjBQIj+d4T0ZAD424
3WGHwhu6ylJPAgMBAAGjXDBaMCkGA1UdDgQiBCBXPK15NyhJrNLkiK06/b2t3buA
JORzFuMAdt9kGB6IaTAOBgNVHQ8BAf8EBAMCBLAwHQYDVR0lBBYwFAYIKwYBBQUH
AwIGCCsGAQUFBwMBMA0GCSqGSIb3DQEBCwUAA4IBAQBDxNnzt3hKJHSXDthQC4W7
jCFTeSdCRHM7wCoyF2Lv4onUnKFkTznjVfNfBpYfHgRRD0ioZOQUs7LShicxn4sz
2yyHWNQbrnwPoWnUn516QS8L1l46BgcF12/7nfy25lK3QgGwprZg9wu64x1Mlcef
b7+rFKT+4cl6+zCedSL00vdKUJMJZ2f0EhABHrjfDLvFjFmROBzmxL66OkVHwiL7
uk70t0CYV+Y54J0UobTOuUR+Oxv3JvO6A0GYJJaOw2MLfJRHBmqj/e6bpGzpRttT
fpyBZ3+jaSAcaLEH7QKgcGU8pvQ77v1+O/3ucLKYfgKn67guHC1lfNbfLzKoMFKl
-----END CERTIFICATE-----


Remove the first and last line and all line breaks to use this string above as the value of parameter "certificate".

If you want to use a .cer file (binary), you have to convert it to Base64 with an appropriate tool beforehand.

Example response


The structure of the response is identical for each successful certificate operation.

The "id" here is the ID of the generated partner certificate.


{
"response": {
"status": "ok",
"id": "1616398381212487"
}
}

Revoking certificate


URL (HTTP POST with JSON):

http(s)://<IP or URL of Integration Server>/dw/auth/v1/certificate


JSON:

{
"operation": "revoke",
"id": 1616398381212487,
"relation": "My partner"
}

Downloading certificate


You can download partner certificates and local certificates.

URL:

http(s)://<IP or URL of Integration Server/dw/auth/v1/exportcertificate?id=<id>format=<format>


Where <id> is the certificate ID and <format> is the export format. Allowed values: "DER", "PEM", "OPENSSH", "PKCS12", "PKCS7", "PUTTY" or "INFO".

"DER" is used for unknown formats. "INFO" only provides basic information (fields from certificate overview), but not the certificate.

Logs


Logs for requests of this kind can be found in the Control Center under Logs/Server Logs/internal / message.log (or in file ./logs/services/message.log ).