MarkLogic 9 Product Documentation
POST /manage/v2/securitySummary
Perform a security operation such as rotating configuration, data, or log encryption keys.
URL Parameters |
operation |
The operation to be performed. Allowed values: rotate-config-encryption-key ,
rotate-data-encryption-key , rotate-logs-encryption-key ,
import-wallet , export-wallet . You can only use
this parameter when put the request parameters in request body and use
application/x-www-form-url-encoded as the request content type.
For other request content types, specify the operation in the JSON or XML
payload.
|
filename |
When operation is import-wallet , the fully qualified
path to an encrypted wallet file on the MarkLogic host. When operation
is export-wallet , the fully qualified path to a file on the MarkLogic
host where the encrypted wallet should be saved. You can only use
this parameter when put the request parameters in request body and use
application/x-www-form-url-encoded as the request content type.
For other request content types, specify the filename in the JSON or XML
payload.
|
password |
When operation is import-wallet , password with which
to decrypt the wallet file. When operation is export-wallet ,
the password with which to encrypt the wallet file. You can only use
this parameter when put the request parameters in request body and use
application/x-www-form-url-encoded as the request content type.
For other request content types, specify the password in the JSON or XML
payload.
|
Request Headers |
Content-type |
The MIME type of the data
in the request body. Depending upon the value of the format parameter or Accept header,
one of application/xml , application/json , or
application/x-www-form-url-encoded .
|
Response
A successful call to the endpoint will return the HTTP code 201 Created
.
The request has been fulfilled, resulting in the creation of a new resource.
application/x-www-form-urlencoded |
Form Encoded |
application/xml |
XML Content |
application/json |
JSON Content |
Required Privileges
This operation requires the
manage-admin
role, or the following privilege:
http://marklogic.com/xdmp/privileges/manage
Usage Notes
When importing or exporting a wallet file, the file name specified in the request
must be reachable from the host that receives this request. The specified file
must be readable by MarkLogic on import, and writable by MarkLogic on export.
Use the export-wallet
and import-wallet
operations
to export or import a keystore wallet. Use the rotate-*-encryption-key
operations to manually rotate your various encryption keys. For more details, see
Key Management in the Security Guide.
Example
# Rotating the configuration encryption key:
curl --anyauth --user username:password -i -X POST --header "Content-Type:application/json" \
-d '{"operation":"rotate-config-encryption-key"}' \
https://localhost:8002/manage/v2/security
Example
# Import a wallet to MarkLogic
curl --anyauth --user username:password -i -X POST --header "Content-Type:application/json" \
-d '{"operation":"import-wallet", "filename"="/your/file/here", "password": "yourpassword"}' \
https://localhost:8002/manage/v2/security
Copyright © 2024 MarkLogic Corporation. MARKLOGIC is a
registered trademark of MarkLogic Corporation.