Push Create Certificate to the End Cluster
The API will push or revoke the Certificate from AppViewX to end cluster.
Request Structure
| Endpoint: | /kube-cert-action |
| Type: | POST |
| Sample URL: | https://<IP/HostName/TenantName>:<GWPORT>/avxapi/kube-cert-action?gwsource=externalTo understand the elements of the sample URL, click here. |
| Headers: | |
| Content-Type: | application/json |
| Name | Description |
|---|---|
| sessionId
|
(Mandatory) A unique identifier assigned to a
user's session upon successful authentication. The session ID
remains valid until it expires, and it can contain alphanumeric
characters. Type: String Constraints: The session ID is used when username and password are not provided. Example:
|
| gwsource
|
(Mandatory) Source from which the request is
triggered. Type: String Example:
|
| payload
|
(Mandatory) Input data for request body in application/json format. For payload details, see Payload section. |
Payload
| Name | Description |
|---|---|
| action
|
Action to be performed. |
| certs
|
Details of the certificates to be created. See Table 2 for details. |
| Name | Description |
|---|---|
| certName
|
Name of the certificate. |
| caSettingType
|
CA type of the issuer CA. Constraints: The values are CA Setting Cluster and CA Setting. |
| caSettingName
|
Name of the issuer CA. |
| clusterName
|
Name of cluster in which the certificate-related action needs to be performed. |
| namespace
|
Namespace where the CA setting must be pushed. |
Status Codes
| HTTP Status code | appStatusCode | Message and Possible remediation |
|---|---|---|
| 200 OK | NA | Success |
| 400 Bad Request | KUBEPLUS-0017 | Mandatory field is missing or invalid values
specified - <<field name>> Possible remediation: Check and ensure that valid value is provided for <<field name>> field in the request. |
| 401 Unauthorized | AVX_GW_003 | Authentication failed, reason - Invalid
Credentials Possible remediation: Ensure that valid username and password or valid sessionId is provided as the header param. |
Sample Request/Response
https://<IP/HostName/TenantName>:<GWPORT>/avxapi/kube-cert-action?gwsource=kube
{
"payload": {
"certs": [
{
"certName": "copilot-demo",
"caSettingType": "CA Setting Cluster",
"caSettingName": "copilot-demo-3",
"clusterName": "n3-poc-n10",
"namespace": "avx"
}
],
"action": "create"
}
}{
"response": {
"messageType": "SUCCESS",
"message": "Certificate deployed to secret successfully",
"status": "Success"
}
}Reference
- IP/HostName/TenantName: Replace with the actual IP address, hostname,
or tenant name based on the specific configuration in AppViewX.
- IP: A unique identifier assigned to each device connected to
a computer network that uses the Internet Protocol for communication
The IP address will be included in the endpoint URL for an on-prem deployment.
- HostName: A human-readable label assigned to a device (host)
on a network
The hostname will be included in the endpoint URL for an on-prem deployment.
- TenantName: An identifier label for a tenant given to
indicate which tenant's data the API request will
access/modify
The tenant name will be included in the endpoint URL for a SaaS deployment.
- IP: A unique identifier assigned to each device connected to
a computer network that uses the Internet Protocol for communication
- GWPORT: AppViewX gateway port
A gateway port refers to a network port through which data is sent and received to communicate with a gateway in an on-prem deployment.
Example: 31443
- avxapi: Path parameter value (static) that is part of the endpoint's URL
- Endpoint: Endpoint of the API, for example: execute-hook
- gwsource: Source or origin of a gateway, for example: external.
