MarkLogic 12 Product Documentation
POST /manage/v2/certificate-templates

Summary

This resource address creates a new certificate template in the Security database.

URL Parameters
format	The format of the posted data. Can be either `html`, `json`, or `xml` (default). This value overrides the Accept header if both are present.

Request Headers
Accept	The expected MIME type of the request body. If the `format?` parameter is present, it takes precedence over the Accept header.
Content-type	The MIME type of the data in the request body. Depending upon the value of the `format` parameter or Accept header, one of `application/xml`, `application/json`, or `text/html`.

Response Headers
Content-type	The MIME type of the data in the response body. Depending upon the value of the `format` parameter or Accept header, one of `application/xml`, `application/json`, or `text/html`.
Location	If the request causes a restart, a Location header is included in the reponse. The header contains a path with which to construct a URL to usable to test when the restart has completed.

Response

Upon success, MarkLogic Server returns status code 201 (Created). If the certificate template already exists or if the payload is malformed, a status code of 400 (Bad Request) is returned. A status code of 401 (Unauthorized) is returned if the user does not have the necessary privileges.

Required Privileges

This operation requires one of the following:

the manage-admin and security role
the following privileges:
http://marklogic.com/xdmp/privileges/manage

http://marklogic.com/xdmp/privileges/manage-admin

http://marklogic.com/xdmp/privileges/get-user

http://marklogic.com/xdmp/privileges/xslt-invoke

Usage Notes

The structure of the data in the request body is as follows. The name, description, and csr properties are required.

The value of the key-options is essentially arbitrary XML. This cannot be encoded in JSON without limitations. The JSON format therefore accepts only a subset of the possible key option values.

template-id

A certificate template id. The template-id element is not permitted when using HTTP POST to create a new template. It is permitted in HTTP PUT, as a convenience, but must have the same value as returned by HTTP GET.

template-name

The name of the certificate request template.

template-description

A description of the certificate request template.

template-version

The certificate template's version.

key-type

The type of key to use (e.g. rsa).

key-options

The options for generating keys.

This is a complex structure with the following children:

key-length: The permitted key lengths.
pass-phrase: The pass phrase.

req

An X.509 certificate request

This is a complex structure with the following children:

version

The X509 version.

subject

The subject for a certificate or certificate request. You should fill in as many of these fields as possible because individual certificate authorities have specific requirements for which fields must have values. If a required field is missing, a certificate authority will typically reject your certificate request with a cryptic error message that your request is bad.

This is a complex structure with the following children:

countryName: A two character country code (e.g. "US").
stateOrProvinceName: The state or province your server is in.
localityName: The city your server is in.
organizationName: The organization or company your server belongs to (e.g. MarkLogic).
organizationalUnitName: The organizational unit your server belongs to (e.g. Engineering).
emailAddress: The email address to contact regarding your server (e.g. webmaster@yourcompany.com).
commonName: The common name of your server (e.g. www.yourcompany.com). This may be left blank when creating a certificate template, since individual servers will use their own host name.

v3ext

The X509v3 extensions.

Example


  cat myTemplate.json  
  ==>
 {
  "template-name": "myTemplate",
  "template-description": "My Template2",
  "key-type": "rsa",
  "key-options": {
    "key-length": "2048"
  },
  "req": {
    "version": "0",
    "subject": {
      "countryName": "US",
      "stateOrProvinceName": "CA",
      "localityName": "San Carlos",
      "organizationName": "MarkLogic",
      "organizationalUnitName": "Engineering",
      "commonName": "dude.marklogic.com",
      "emailAddress": "dude@marklogic.com"
    }
  }
}

  curl -X POST  --anyauth -u admin:admin --header "Content-Type:application/json" \
  -d @myTemplate.json http://localhost:8002/manage/v2/certificate-templates

  ==>  Creates a certificate template, named "myTemplate" in the Security database.

Stack Overflow: Get the most useful answers to questions from the MarkLogic community, or ask your own question.

MarkLogic 12 Product DocumentationPOST /manage/v2/certificate-templates

Summary

Response

Required Privileges

Usage Notes

Example

MarkLogic 12 Product Documentation
POST /manage/v2/certificate-templates