Download a Certificate
Before you begin
- The user should have the ACF permission to download the certificate within the specified certificate’s category.
- A certificate with the resource ID specified for deletion should already exist.
- The group associated with the certificate should at least have the R permission.
Request Structure
| Endpoint: | /certificate/download |
| Type: | GET |
| Sample URL: |
To understand the elements of the sample URL, click here. |
| Headers | |
| Content-Type: | application/json |
| Name | Description |
|---|---|
| sessionId
|
(Mandatory) Session Id received after login. Type: String Constraint: Required if username and password are not provided. |
| username
|
(Mandatory) AppViewX login username. Type: String Constraint: Required if sessionId is not provided. |
| password
|
(Mandatory) AppViewX login password. Type: String Constraint: Required if sessionId is not provided. |
| gwsource
|
(Mandatory) Source from which the request is triggered. (E.g.
external) Type: String |
| resourceId
|
(Mandatory) Unique Id of the certificate to be
downloaded. Type: String |
| keyRequired
|
(Optional) Indicates whether the private key needs to be
downloaded. Type: Boolean |
| isCACertificate
|
(Optional) Indicates whether the certificate being downloaded is
a CA certificate. Type: Boolean |
Response Structure
| Status Code: | 200 OK |
| Error Response: | The error response will have the parameters described below. |
| Headers | |
| Content-Type: | application/octet-stream |
| Name | Description |
|---|---|
| message | Failure description. Type: String |
| appStatusCode | Application specific status code for the response. It is a
non-null value for a failure response. Type: String |
| tags | Additional information in case of failure response. |
Status Codes
| HTTP Code | appStatusCode | Response Message |
|---|---|---|
| 200 OK | null | The attachment of the .pem type certificate. |
| 404 Not Found | NO_RECORDS_FOUND | No matching records found. Remediation: Ensure that the value provided for resourceId parameter refers to the id of an existing certificate. |
| 401 Unauthorized | AVX_GW_003 | Authentication failed, reason - Invalid
Credentials. Remediation: Ensure that valid username and password or valid sessionId is provided as header parameters. |
| 400 Bad Request | MANDATORY_FIELD_MISSING | Mandatory field is missing or invalid -
resourceId. Remediation: Ensure that the resourceId parameter is available in query parameter. |
| 417 Expectation Failed | NOT_A_VALID_CERT | Invalid certificate. Remediation: Certificates that have not yet been issued cannot be downloaded. Ensure that the resourceId refers to the certificate that has been issued. |
| 417 Expectation Failed | CERT-KEY-0006 | Private key access is restricted in <<Default>>
policy. Remediation: Retry downloading the certificate after enabling the flag Enable Access to Private Key in the Certificate Policy. |
Sample Response
The downloaded file is a pem file and the content of the downloaded file is as mentioned in the example below:
-----BEGIN CERTIFICATE-----
MIIDQTCCAimgAwIBAgITBmyfz5m/jAo54vB4ikPmljZbyjANBgkqhkiG9w0BAQsF
ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6
b24gUm9vdCBDQSAxMB4XDTE1MDUyNjAwMDAwMFoXDTM4MDExNzAwMDAwMFowOTEL
MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJv
b3QgQ0EgMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALJ4gHHKeNXj
ca9HgFB0fW7Y14h29Jlo91ghYPl0hAEvrAIthtOgQ3pOsqTQNroBvo3bSMgHFzZM
9O6II8c+6zf1tRn4SWiw3te5djgdYZ6k/oI2peVKVuRF4fn9tBb6dNqcmzU5L/qw
IFAGbHrQgLKm+a/sRxmPUDgH3KKHOVj4utWp+UhnMJbulHheb4mjUcAwhmahRWa6
VOujw5H5SNz/0egwLX0tdHA114gk957EWW67c4cX8jJGKLhD+rcdqsq08p8kDi1L
93FcXmn/6pUCyziKrlA4b9v7LWIbxcceVOF34GfID5yHI9Y/QCB/IIDEgEw+OyQm
jgSubJrIqg0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC
AYYwHQYDVR0OBBYEFIQYzIU07LwMlJQuCFmcx7IQTgoIMA0GCSqGSIb3DQEBCwUA
A4IBAQCY8jdaQZChGsV2USggNiMOruYou6r4lK5IpDB/G/wkjUu0yKGX9rbxenDI
U5PMCCjjmCXPI6T53iHTfIUJrU6adTrCC2qJeHZERxhlbI1Bjjt/msv0tadQ1wUs
N+gDS63pYaACbvXy8MWy7Vu33PqUXHeeE6V/Uq2V8viTO96LXFvKWlJbYK8U90vv
o/ufQJVtMVT8QtPHRh8jrdkPSHCa2XV4cdFyQzR1bldZwgJcJmApzyMZFo6IQ6XU
5MsI+yMRQ+hDKXJioaldXgjUkK642M4UwtBV8ob2xJNDd2ZhwLnoQdeXeGADbkpy
rqXRfboQnoZsG4q5WTP468SQvvG5
-----END CERTIFICATE----- References
- IP/HostName/TenantName: Replace with the actual IP address, hostname,
or tenant name based on the specific configuration in AppViewX.
- IP: A unique identifier assigned to each device connected to
a computer network that uses the Internet Protocol for communication
The IP address will be included in the endpoint URL for an on-prem deployment.
- HostName: A human-readable label assigned to a device (host)
on a network
The hostname will be included in the endpoint URL for an on-prem deployment.
- TenantName: An identifier label for a tenant given to
indicate which tenant's data the API request will
access/modify
The tenant name will be included in the endpoint URL for a SaaS deployment.
- IP: A unique identifier assigned to each device connected to
a computer network that uses the Internet Protocol for communication
- GWPORT: AppViewX gateway port
A gateway port refers to a network port through which data is sent and received to communicate with a gateway in an on-prem deployment.
Example: 31443
- avxapi: Path parameter value (static) that is part of the endpoint's URL
- Endpoint: Endpoint of the API, for example: execute-hook
- gwsource: Source or origin of a gateway, for example: external.
