Rollback Certificate to ADC profile

The API initiates the rollback of a certificate to an ADC profile.

Before you begin

Ensure the following before attempting to rollback certificate to a ADC device profile through AppViewX:
  • ADC devices must be configured in AppViewX.
  • The device should be in the Managed state
  • Approval is not required: Enable this mode by setting the ‘Certificate Requests Need Approval?’ flag to false in the Certificate Policy.
  • Approval is required: If the approval setting in the policy cannot be changed, users can approve specific requests by following the After you are done section.

Request Structure

Endpoint: /certificate/rollback
Type: POST
Sample URL: 
https://<IP/HostName/TenantName>:<GWPORT>/avxapi/certificate/rollback?gwsource=external

To understand the elements of the sample URL, click here.
Headers
Content-Type: application/json
Table 1. Input Parameters
Name Description
sessionId

Header

 (Mandatory) Session Id received after login.

Type: String

Constraint: Required if username and password are not provided.
username

Header

 (Mandatory) AppViewX login username.

Type: String

Constraint: Required if sessionId is not provided.
password

Header

 (Mandatory) AppViewX login password.

Type: String

Constraint: Required if sessionId is not provided.
Content-Type

Header

 (Mandatory) Specifies the nature of the data in the payload.

Type: String

Constraint: Value of the parameter should be ‘application/json’
gwsource

Query

 (Mandatory) Source from which the request is triggered. (E.g. external)

Type: String
autoApproval

Query

 Indicates whether the auto-approval is needed for the action.

Type: String

Constraint: Value of the parameter should be yes.
Payload

Body

 Contains all the parameters to be sent in the request body for the post request.

Type: Payload

Payload

Table 2. Payload
Name Description
applicationConnectorIds (Mandatory) Application connector id.

Type: List <String>

Response Structure

Response returns string of type application/json with the following body parameters:

Table 3. Parameters
Name Description
response Contains the response attributes for the rollback request
requestId

response

 Request Id for rollback action for the application connector.

Type: String
connectorId

response

 Application connector Id.

Type: String
message Success message or failure description in case of error.

Type: String
appStatusCode Application specific status code for the response. It is a non-null value for a failure response.

Type: String
tags Additional information in case of failure response.

Status Codes

HTTP Code appStatusCode Response Message
202 Accepted NA App connector rollback action initiated for 1 connector(s).
202 Accepted NA Operation cannot be completed for one or more devices as the 'Resource' allocated to you does not have write permission.

Remediation: Ensure that users have access to the device.
401 Unauthorized AVX_GW_003 Authentication failed, reason - Invalid Credentials.

Remediation: Ensure that valid username and password or valid sessionId is provided as header parameters.
400 Bad Request MANDATORY_FIELD_MISSING Mandatory field is missing or invalid - <<field name>>

Remediation: Ensure that a valid value is provided for the <<field name>> field in the request.
417 Expectation failed FIELD_VALUE_INVALID Invalid value - <<field name>>

Remediation: Ensure that a valid value is provided for the <<field name>> field in the request.
417 Expectation failed CERT-APP-0012 Application connector ids cannot be empty.

Remediation: Please provide value for the field applicationConnectorIds.
417 Expectation failed ERR_APPLICATION_CONNECTOR_LIST_RETRIVAL Unable to retrieve connector information.

Remediation: Connector may not be available. Please provide correct value for the field applicationConnectorIds.
417 Expectation failed ERR_APP_CONNECTORS_NOT_FOUND Application connector(s) not found.

Remediation: Connector may not be available. Please provide correct value for the field applicationConnectorIds.
417 Expectation failed ERR_INITIALIZE_ROLLBACK_REQUEST Unable to initialize rollback request.
417 Expectation failed ERR_ROLLBACK_INELIGIBLE Push not triggered or succeeded or No existing data available for backup process

Remediation: Push and bind certificate before rollback.
500 Internal Server Error avx-common-011 Error while processing

Sample Request/Response

Request Payload
{
 "applicationConnectorIds": [ "device_name:@clientssl-insecure-compatible:@Common:@c46ec8a04da701721159ce0c3cf772367ade58cb" ]
 }
Response
{
"response": [
{
"requestId": "243",
"connectorId": "F5:@crypto-client-default-serverssl:@Common:@134c5c3a64ed8cf4e02cf32078ee1e2ffc1b109b"
}
],
"message": "App connector rollback action initiated for 1 connector(s).",
"appStatusCode": null,
"tags": {},
"headers": null
}

References

Understanding the sample URL
  • IP/HostName/TenantName: Replace with the actual IP address, hostname, or tenant name based on the specific configuration in AppViewX.
    • IP: A unique identifier assigned to each device connected to a computer network that uses the Internet Protocol for communication

      The IP address will be included in the endpoint URL for an on-prem deployment.

    • HostName: A human-readable label assigned to a device (host) on a network

      The hostname will be included in the endpoint URL for an on-prem deployment.

    • TenantName: An identifier label for a tenant given to indicate which tenant's data the API request will access/modify

      The tenant name will be included in the endpoint URL for a SaaS deployment.

  • GWPORT: AppViewX gateway port

    A gateway port refers to a network port through which data is sent and received to communicate with a gateway in an on-prem deployment.

    Example: 31443

  • avxapi: Path parameter value (static) that is part of the endpoint's URL
  • Endpoint: Endpoint of the API, for example: execute-hook
  • gwsource: Source or origin of a gateway, for example: external.