Import Existing Server Certificates

URL:: https://<root>/machines/<machine>/sslcertificates/importExistingServerCertificates
Methods:: POST
Version Introduced:: 10.2

Access requirements

Required privileges

The Sever Administrator API requires privilege-based access. An administrator must be assigned a specific user privilege, or role, to access any given endpoint. Listed below are the user privileges or roles an administrator can be assigned that provides access to this endpoint. If multiple privileges are listed, only one needs to be assigned to gain access.

Security and infrastructure

Note that administrators assigned a custom role must also have the administrative View all content privilege assigned to them to access the API directory as an administrator.

Tokens

This API requires token-based authentication. A token is automatically generated for administrators who sign in to the Server Administrator API directory's HTML interface. Tokens generated in this way are stored for the entirety of the session.

Those accessing the API directory outside of the HTML interface will need to acquire a session token from the generateToken operation in the Portal Directory API. For security reasons, all POST requests made to the Server Administrator API must include a token in the request body.

Learn how to generate a token

Description

The importExistingServerCertificate operation imports an existing server certificate, stored in the PKCS #12 format, into the keystore. If the certificate is a CA signed certificate, you must first import the CA Root or Intermediate certificate using the Import Root Certificate operation.

Request parameters

Parameter	Details
`alias`	A unique name for the certificate that easily identifies it. Example Use dark colors for code blocksCopy `1 existingCert`
`certPassword`	The password to unlock the file containing the certificate. Example Use dark colors for code blocksCopy `1 certPassword`
`certFile`	The multi-part POST parameter containing the certificate file.
`importCertificateChain`	Introduced in 11.3. Specifies if the root or intermediate certificates included inside the existing certificate file should also be imported. By default, the parameter is set to `true`. Values: `true` \| `false`
`f`	The response format. The default response format is `html`. Values: `html` \| `json` \| `pjson`

Example usage

The following is a sample POST request for the importExistingServerCertificate operation:

Use dark colors for code blocksCopy
POST /<context>/admin/machines/MACHINE.EXAMPLE.COM/sslcertificates/importExistingServerCertificates HTTP/1.1
Host: organization.example.com
Content-Type: multipart/form-data; boundary=----boundary

------boundary
Content-Disposition: form-data; name="certPassword"

certPassword
------boundary
Content-Disposition: form-data; name="alias"

existingCert
------boundary
Content-Disposition: form-data; name="certFile"; filename=""
Content-Type: application/octet-stream

certFile.pfx
------boundary
Content-Disposition: form-data; name="importCertificateChain"

true
------boundary
Content-Disposition: form-data; name="f"

pjson
------boundary

JSON Response example

Use dark colors for code blocksCopy
{"status": "success"}