Archive Certificates

This API is used to archive one or more certificates from the AppViewX inventory, based on the provided request.

Before you Begin

  • Ensure that the user has the required permissions for accessing the group to which the certificate currently belongs.
  • Ensure that the user has the required ACF permissions for archiving certificates for individual certificate categories (server, client, and code signing).

Request Structure

Endpoint: /certificate/archive
Type: POST
Sample URL: 
https://<IP/HostName/TenantName>:<GWPORT>/avxapi/certificate/archive?gwsource=external

To understand the elements of the sample URL, click here.
Headers
Content-Type: application/json
Table 1. Input Parameters
Name Description
sessionId

Header

 (Mandatory if username and password are not provided) Session ID received after login

Type: String
username

Header

 (Mandatory if sessionId is not provided) AppViewX login username

Type: String
password

Header

 (Mandatory if sessionId is not provided) AppViewX login password

Type: String
Content-Type

Header

 (Mandatory) Specifies the nature of the data in the payload

Type: String

Constraint: Value of the parameter should be ‘application/json’
gwsource

Query

 (Mandatory) Source from which the request is triggered (for example, external)

Type: String
Payload

Body

 Contains all the parameters to be included in the request body for the certificate archival request

Type: Payload

Payload

Table 2. Payload
Name Description
certIds (Mandatory) List of the UUIDs of the certificates that have to be archived

Type: List
module (Mandatory) Certificate category for which archival is enabled on execution of this API

Type: String

Possible values:
  • CERT_SERVER_INV
  • CERT_CLIENT_INV
  • CERT_CODE_SIGNING_INV

Constraint: Only one value (certificate category) can be assigned at a time
archiveReason (Mandatory) Reason for archiving the specified certificate(s)

Type: String
archiveComments (Optional) Additional details related to the certificate archival request

Type: String

Response Structure

Table 3. Response Parameters
Name Description
response Contains the response attributes

Type: response
message Success or failure description

Type: String
appStatusCode Application specific status code for the response

It is a non-null value for a failure response.

Type: String

Possible values: Status codes
tags Additional information for the failure response
Table 4. response
Name Description
code Success/failure response code

Type: String
message Success or failure message

Type: String

Status Codes

HTTP Code appStatusCode Response Message
200 OK NA Operation completed successfully.
401 Unauthorized AVX_GW_003 Authentication failed

Remediation: Ensure that valid username and password or a valid sessionId is provided as header parameters.
400 Bad Request CERT-INV-001 Missing or invalid field(s) in the payload

Remediation: Ensure that the missing mandatory field, as specified in the error response, is included in the payload and is assigned a valid value.
404 Not Found CERT-INV-0021 Certificate not found or user lacks permission.
Remediation: Ensure that:
  • the certificate specified for archival is a valid certificate that exists in the inventory
  • the user requesting the archival has the requisite permissions to do so

Sample Request

{
  "certIds": ["4e2d93f07b8d568392ff96bf8e25391f6478f8cd"],
  "module": "CERT_SERVER_INV",
  "archiveReason": "Renewed",
  "archiveComments": "Renewed Cert"
}

Sample Response

Sample Response - Success
{
  "response": {
    "code": "CERTIFICATE_ARCHIVAL_SUCCESSFULL",
    "message": "Selected certificate(s) has been archived successfully from AppViewX inventory."
  },
  "message": null,
  "appStatusCode": null,
  "tags": {},
  "headers": null
}
Sample Response - Failure (Duplicate or permission issue)
{
  "response": null,
  "message": "Certificate is not available in the inventory or User doesn't have permission to the Certificate.",
  "appStatusCode": "CERT-INV-0021",
  "tags": {
    "upstream_error": "true"
  },
  "headers": null
}

References

Understanding the sample URL
  • IP/HostName/TenantName: Replace with the actual IP address, hostname, or tenant name based on the specific configuration in AppViewX.
    • IP: A unique identifier assigned to each device connected to a computer network that uses the Internet Protocol for communication

      The IP address will be included in the endpoint URL for an on-prem deployment.

    • HostName: A human-readable label assigned to a device (host) on a network

      The hostname will be included in the endpoint URL for an on-prem deployment.

    • TenantName: An identifier label for a tenant given to indicate which tenant's data the API request will access/modify

      The tenant name will be included in the endpoint URL for a SaaS deployment.

  • GWPORT: AppViewX gateway port

    A gateway port refers to a network port through which data is sent and received to communicate with a gateway in an on-prem deployment.

    Example: 31443

  • avxapi: Path parameter value (static) that is part of the endpoint's URL
  • Endpoint: Endpoint of the API, for example: execute-hook
  • gwsource: Source or origin of a gateway, for example: external.