List the OpenSSH Certificate Authority(ies)
List the OpenSSH Certificate Authority(ies)
-
200 OpenSSH Certificate Authority list
application/jsonArray [
idstring (Internal ID) requiredObject internal ID
enrollboolean requiredIf true, this Certificate Authority can sign publicKey
enforceKeyUnicityboolean requiredIf true, each enrollment request must have a unique key
krlPolicyobject | null (KRL Generation Policy) requiredDefine how to generate the KRL fot his OpenSSH Certificate Authority
validitystring requiredThe duration of the KRL's validity
hardGenerationstring | nullThe KRL will be generated at each period
lazyGenerationstring | nullThe KRL will be checked at each period and generated if a new entry was added
publicKeystring requiredThe public key of the SSHSigner
namestring requiredThis signer's name
privateKeyobject (Signer Private Key) requiredThis signer's private key
keystorestring requiredThe Keystore in which the key is stored
namestring requiredThe name of the key in the keystore
hashAlgorithmstring | null (Hash Algorithm)The Hash Algorithm to use when signing with this key
EnumSHA1SHA224SHA256SHA384SHA512SHA3_224SHA3_256SHA3_384SHA3_512usePSSboolean | nullFor RSA Keys in PKCS11 Keystores only: use the PSS signature algorithm
overridePermissionsobject | null (OpenSSH Certificate Authority Override Permissions)typeboolean | nullCan the openssh certificate type be overridden
backdateboolean | nullCan the backdate be overridden
lifetimeboolean | nullCan the lifetime be overridden
triggersobject | null (TriggersCertificateAuthority)Triggers that apply on events on this OpenSSH Certificate Authority (CA)
onKRLGenerationarray of string | nullName of the triggers to execute when this CA's KRL are generated (manually or via cron)
onKRLGenerationErrorarray of string | nullName of the triggers to execute when an error occurs when this CA's KRL are generated (manually or via cron)
onKRLGenerationRecoverarray of string | nullName of the triggers to execute when this CA's KRL are successfully generated when the last status was error
onKRLSyncarray of string | nullName of the triggers to execute when this CA's KRL are synced
onKRLExpirationarray of string | nullName of the triggers to execute when this CA's KRL expire
queuestring | nullThe name of the queue to apply on this signer's operations
]
-
204 No OpenSSH Certificate Authority defined
-
401 Unauthorized request
application/problem+jsonerrorstring requiredThe error code of the problem
ValueSEC-AUTH-001messagestring requiredA short, human-readable summary of the problem type
ValueUnexpected errortitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueUnexpected errordetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueSEC-AUTH-002messagestring requiredA short, human-readable summary of the problem type
ValueInvalid credentials or principal does not existtitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueInvalid credentials or principal does not existdetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueSEC-AUTH-003messagestring requiredA short, human-readable summary of the problem type
ValueCertificate is not trustedtitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueCertificate is not trusteddetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueSEC-AUTH-004messagestring requiredA short, human-readable summary of the problem type
ValueCertificate is expiredtitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueCertificate is expireddetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueSEC-AUTH-005messagestring requiredA short, human-readable summary of the problem type
ValueCertificate is revokedtitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueCertificate is revokeddetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueSEC-AUTH-009messagestring requiredA short, human-readable summary of the problem type
ValueAuthentication expiredtitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueAuthentication expireddetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueSEC-AUTH-010messagestring requiredA short, human-readable summary of the problem type
ValuePrincipal not authenticated or authentication expiredtitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValuePrincipal not authenticated or authentication expireddetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
-
403 Forbidden action
application/problem+jsonerrorstring requiredThe error code of the problem
ValueLIC-001messagestring requiredA short, human-readable summary of the problem type
ValueInvalid Licensetitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueInvalid Licensedetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueLIC-002messagestring requiredA short, human-readable summary of the problem type
ValueExpired Licensetitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueExpired Licensedetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueLIC-003messagestring requiredA short, human-readable summary of the problem type
ValueModule is not entitledtitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueModule is not entitleddetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
-
404 Not found
application/problem+jsonerrorstring requiredThe error code of the problem
ValueSEC-PERM-001messagestring requiredA short, human-readable summary of the problem type
ValueInsufficient privilegestitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueInsufficient privilegesdetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
-
500 Internal Server error
application/problem+jsonerrorstring requiredThe error code of the problem
ValueSSH-CA-001messagestring requiredA short, human-readable summary of the problem type
ValueUnexpected errortitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueUnexpected errordetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807
errorstring requiredThe error code of the problem
ValueSEC-AUTH-001messagestring requiredA short, human-readable summary of the problem type
ValueUnexpected errortitlestring requiredA short, human-readable summary of the problem type. In compliance with RFC7807
ValueUnexpected errordetailstring | nullA human-readable explanation specific to this occurrence of the problem. In compliance with RFC7807