Push Certificates to GCP Certificate Manager Service (Scope: Regional)
Before You Begin
- GCP devices with the certificate manager service should be added in AppViewX.
- The devices should be in Managed state.
Request Structure
| Endpoint: | /certificate/pushToDevice |
| Type: | POST |
| Sample URL: |
To understand the elements of the sample URL, click here. |
| Headers | |
| Content-Type: | application/json |
| Name | Description |
|---|---|
| sessionId
|
(Mandatory) Session ID received after
login Type: String Constraints: Required if username and password are not provided. |
| username
|
AppViewX login username Type: String Constraints: Required if sessionId is not provided. |
| password
|
AppViewX login password Type: String Constraints: Required if sessionId is not provided. |
| Content-Type
|
Specifies the nature of the data in the
payload Type: String |
| gwsource
|
Source from which the request is triggered. (E.g.
external) Type: String |
| Payload
|
Contains all the parameters to be sent in the
request body for the post request Type: Payload |
Payload
| Name | Description |
|---|---|
| generalInformation | (Mandatory) General details related to the push
operation Type: generalInformation |
| certificateID | (Mandatory) Unique identifier of the certificate to be pushed |
| certificateDetails |
(Mandatory) Details of the certificate to be pushed Type: certificateDetails |
| pushDetails |
(Mandatory) Details for certificate management after the push operation Type: pushDetails |
| selectedProfiles | (Mandatory) Actual profile details of services to
which where we are trying to push/bind the certificate Type: String |
| Name | Description |
|---|---|
| category | (Mandatory) Device type of the target system to
which the certificate will be pushed Type: String Possible value(s): Cloud |
| vendor | (Mandatory) Cloud device vendor Type: String Possible value(s): Azure |
| profileFilterSelection | (Mandatory) Service type to which the certificate
will be pushed Type: String Possible value(s): Certificate Manager |
| name | Name given to the connector that will be
created to push the certificate to the cloud device Type: String |
| profileType | (Mandatory) Type/category of the profile being used
to determine how the certificate is managed after it is pushed Type: String Possible value(s): push and bind, push only |
| description | Additional details related to the
certificate being pushed, the connector for pushing the certificate.
Type: String |
| Name | Description |
|---|---|
| certificateName | (Mandatory) Name of the certificate being pushed Type: String |
| isNewCertificate | (Optional) Specify if the certificate being pushed
is a new certificate or an existing certificate that is being
replaced Type: Boolean Possible value(s): true, false |
| region | (Optional) Scope of the certificate being pushed Type: String Possible
value(s):
|
| certificateDescription | (Optional) Additional details related to the
certificate being pushed Type: String |
| profileFilterSelection | Specific profile type where the certificate will be
applied Type: String Possible value(s): Certificate Manager |
| certificateTags |
(Optional) Key-value pair attributes to add additional details about the certificate Type: String |
| Name | Description |
|---|---|
| scriptLocation | (Mandatory) Select the location of the script
file. Script files are commonly used to perform certain tasks required to be completed before and/or after a certificate is pushed to the target system. Type: String Possible Values: appviewx and device |
| preValidationScriptPath | (Mandatory if scriptLocation is
device) Location of the script that will be executed
before the certificate is pushed to the target system Type: String |
| postValidationScriptPath | (Mandatory if scriptLocation is
device) Location of the script that will be executed
before the certificate is pushed to the target system Type: String |
| pushAutomatically | Automatically push certificate to the
target system, after it is renewed/reissued Type: Boolean Possible value(s):
|
Response Structure
| Name | Description |
|---|---|
| response | Contains the response attributes for the push
request Type: response |
| message | Success message of the action or failure description
in case of error Type: String |
| appStatusCode | Application specific status code for the response.
Will be non-null for failure response. Type: String |
| tags | More info in case of failure response |
| Name | Description |
|---|---|
| requestId | Request ID for push action for the application
connector Type: String |
| connectorId | ID of the application connector for pushing the
certificate Type: String |
Status Codes
| HTTP Status code | appStatusCode | Message and Possible Remediation |
|---|---|---|
| 202 Accepted | NA | 1 connector(s) saved and push operation has been triggered. |
| 401 Unauthorized | AVX_GW_003 | Authentication failed, reason - Invalid
Credentials Possible remediation: Ensure that valid username and password or valid sessionId is provided as the header param. |
| 400 Bad Request | MANDATORY_FIELD_MISSING | Mandatory field is missing or invalid -
<<field name>> Possible remediation: Check and ensure that valid value is provided for <<field name>> field in the request. |
| 404 Not Found | NO_RECORDS_FOUND | No matching records found - certificate not
found. Possible remediation: Please provide correct value for the field certificateId. |
| 400 Bad Request | INVALID_REQUEST | selectedProfiles are already available in the
specified certificate. Possible remediation: Please provide a different value for the field selectedProfiles. |
| 417 Expectation failed | CERT-APP-0016 | Connector with profiles {} already
exists. Possible remediation: Profile connector already exists for the selected certificate. Please change the certificateId or delete the existing connector. |
| 500 Internal Server Error | avx-common-011 | Error while processing |
Sample Request/Response
{
"generalInformation": {
"category": "cloud",
"vendor": "GCP",
"profileFilterSelection": ":Certificate Manager",
"name": "GCP connector",
"description": "",
"profileType": "Push and Bind Profiles"
},
"certificateDetails": {
"isNewCertificate": true,
"certificateName": "cmreg10",
"region": "us-east1",
"certificateDescription": "",
"profileFilterSelection": "Certificate Manager",
"certificateTags": {
}
},
"pushDetails": {
"scriptLocation": "appviewx",
"preValidationScriptPath": "",
"postValidationScriptPath": "",
"pushAutomatically": false
},
"certificateId": "67a9f5ce2ff94729fda605ac",
"selectedProfiles": [
"GCP.Single.All:pm-project-lab-1-391708:Certificate Manager"
]
}{
"response": [
{
"requestId": "365",
"connectorId": "1740522308007"
}
],
"message": "1 connector(s) saved and push operation has been triggered.",
"appStatusCode": null,
"tags": {},
"headers": null
}References
- IP/HostName/TenantName: Replace with the actual IP address, hostname,
or tenant name based on the specific configuration in AppViewX.
- IP: A unique identifier assigned to each device connected to
a computer network that uses the Internet Protocol for communication
The IP address will be included in the endpoint URL for an on-prem deployment.
- HostName: A human-readable label assigned to a device (host)
on a network
The hostname will be included in the endpoint URL for an on-prem deployment.
- TenantName: An identifier label for a tenant given to
indicate which tenant's data the API request will
access/modify
The tenant name will be included in the endpoint URL for a SaaS deployment.
- IP: A unique identifier assigned to each device connected to
a computer network that uses the Internet Protocol for communication
- GWPORT: AppViewX gateway port
A gateway port refers to a network port through which data is sent and received to communicate with a gateway in an on-prem deployment.
Example: 31443
- avxapi: Path parameter value (static) that is part of the endpoint's URL
- Endpoint: Endpoint of the API, for example: execute-hook
- gwsource: Source or origin of a gateway, for example: external.
