Upload Multiple Certificates to the Inventory
This API is used to upload multiple certificates to the AppViewX certificate inventory in a single upload operation.
Before you begin
- The user should have the ACF permission to create/edit/rediscover/replay under certificate discovery.
- The certificate group name that will be specified in the payload should have RW permissions.
- The discovery name should be unique.
Request Structure
| Endpoint: | certificate/discovery/upload |
| Type: | POST |
| Sample URL: |
To understand the elements of the sample URL, click here. |
| Headers | |
| Content-Type: | application/json |
| Name | Description |
|---|---|
| sessionId
|
(Mandatory) Session ID received after login. Type: String Constraints: Required if username and password are not provided. |
| userName
|
(Mandatory) Username that is configured in
AppViewX. Type: String |
| password
|
(Mandatory) Password of that user. Type: String |
| content-type
|
(Mandatory) Payload content-type with application/json
value. Type: String Constraint: The value must be application/json. |
| gwsource
|
(Mandatory) The source from which the request is triggered, e.g.,
external. Type: String |
| Payload
|
Contains all the parameters to be sent in the request body for
the post request. Type: Payload (Refer Payload table below) |
Payload
| Name | Description |
|---|---|
| discoveryName | (Mandatory) Name of the discovery instance. Type: String |
| certificateCategory | (Optional) Certificate category Type: String Possible Values: Server, Client, Code Signing, Server and Client, Device, Root, Intermediate, Others |
| groupName | (Mandatory) Name of the group to which the certificate
belongs. Type: String |
| status | (Optional) Status indicating whether the certificate is managed
or monitored. Type: String Possible Values: Managed, Monitored |
| uploadContent | (Mandatory) Details of the certificate to be
uploaded. Type: uploadContent |
| Name | Description |
|---|---|
| fileContent | (Mandatory) Content of the file in byte array format for the
certificate to be uploaded. Type: byte array |
| fileName | (Mandatory) Name of the file. Type: String |
| password | (Optional) Password associated with the file (depending on the
file type). Type: String |
| keyToDecrypt | (Optional) Key to decrypt the password if it is encrypted. Type: String |
| certID | (Mandatory) Certificate ID. Type: String |
| woID | (Mandatory) Work order ID (to be sent at NA). Type: String |
| certificateCategory | (Optional) Category of the certificate. Type: String |
| certificateAuthority | (Optional) Certificate Authority Type: String |
| comments | (Optional) Additional comments. Type: String |
| groupName | (Optional) Name of the group to which the certificate belongs. Type: String |
| proxyRequired | (Optional) Determines if a proxy is required. Type: Boolean (true/false) |
| dataCenter | (Optional) Name of the datacenter where the API is to be
executed. Type: String |
| caId | (Optional) Certificate authority ID. Type: String |
| avxStatus | (Optional) Status indicating whether the certificate is managed
or monitored. Type: String Possible values: Managed, Monitored |
| enrollmentMethod | (Optional) Method used for certificate enrollment. Type: String Possible Values: SCEP, EST, ACME, SCEP_MS_INTUNE, MS_PROXY/WAEP |
| kubeService | (Optional) Name of the Kubernetes service. Type: String Possible Values: cert-orchestrator, appviewx-signer, appviewx-infra-orchestrator, appviewx-csi-provider |
| metadata | (Optional) A key-value pair of metadata info. Type: Map<String,Object> |
| isValid | (Optional) Determines if the certificate is valid. Type: Boolean (true/false) |
| encodedPassword | (Optional) The base-64 encoded password value. Type: String |
Response Structure
Response returns string of type application/json with the following body parameters:
| Name | Description |
|---|---|
| response | Contains the response attributes. Type: response |
| message | Displays the number of records found if success or a
failure message. Type: String |
| appStatusCode | Application specific status code for the response.
It is a non-null value for a failure response. Type: String |
| tags | Additional information in case of failure response. |
| headers | HTTP headers associated with the response. Type: String |
| Name | Description |
|---|---|
| discoverId | ID assigned to the discovery instance Type: response |
Status Codes
| HTTP Code | appStatusCode | Response Message |
|---|---|---|
| 202 Accepted | NA | Accepted. |
| 400 Bad Request | AVX-VLDTN-001 | Invalid payload data. Remediation: Ensure the payload is correct or meets the validation rules specified by the validation protocol. |
| 400 Bad Request | INVALID_GROUP_NAME | groupName is Invalid or the user does not have enough permission
for the specified group. Remediation: The group name should be valid and have the required permissions. |
| 400 Bad Request | MSG_DISC_HISTORY_UNIQUE_NAME | Discovery name already exists. Please specify different Discovery
name. Remediation: The discovery name should be unique. |
| 500 Internal Server Error | avx-common-011 | Internal Server Error. |
Sample Request/Response
{
"discoveryName": "<name>",
"certificateCategory": "<ROOT_CA/INTERMEDIATE_CA/SERVER/CLIENT/SERVER_AND_CLIENT/CODE_SIGNING/DEVICE/OTHERS>",
"groupName": "<name>",
"status": "<>",
"uploadContent": {
"fileContent": <byte[]>,
"fileName": "<name>",
"password": "",
"keyToDecrypt": "",
"certId": "<>",
"woId": "<NA>",
"certificateCategory": "",
"certificateAuthority": "",
"comments": "",
"groupName": "",
"proxyRequired": true/false,
"dataCenter": "",
"caId": "",
"avxStatus": "Managed/Monitored",
"enrollmentMethod": "SCEP/EST/ACME/SCEP_MS_INTUNE/MS_PROXY/WAEP",
"kubeService": "cert-orchestrator/ appviewx-signer/ appviewx-infra-orchestrator/ appviewx-csi-provider",
"metadata": {
},
"isValid": true/false,
"encodedPassword": ""
},
"uploadContents": [ --> max of 5000 entries to be sent in uploadContents
{<similar object as uploadContent field>},
{<similar object as uploadContent field>}
],
"comments": ""
}
{
"response": {
"discoverId": "507f1f77bcf86cd799439011"
},
"message": "Discovery Request is created successfully - 507f1f77bcf86cd799439011",
"appStatusCode": null,
"tags": null
}References
- IP/HostName/TenantName: Replace with the actual IP address, hostname,
or tenant name based on the specific configuration in AppViewX.
- IP: A unique identifier assigned to each device connected to
a computer network that uses the Internet Protocol for communication
The IP address will be included in the endpoint URL for an on-prem deployment.
- HostName: A human-readable label assigned to a device (host)
on a network
The hostname will be included in the endpoint URL for an on-prem deployment.
- TenantName: An identifier label for a tenant given to
indicate which tenant's data the API request will
access/modify
The tenant name will be included in the endpoint URL for a SaaS deployment.
- IP: A unique identifier assigned to each device connected to
a computer network that uses the Internet Protocol for communication
- GWPORT: AppViewX gateway port
A gateway port refers to a network port through which data is sent and received to communicate with a gateway in an on-prem deployment.
Example: 31443
- avxapi: Path parameter value (static) that is part of the endpoint's URL
- Endpoint: Endpoint of the API, for example: execute-hook
- gwsource: Source or origin of a gateway, for example: external.
