Application certificates configuration using Secure Private Access API
This topic provides instructions on how to handle an application’s certificate using the Secure Private Access API.
A certificate must be present if you have enabled direct access to the application from a client browser.
1. Get a list of application certificates
The following is an example of a GET request and response for getting a list of certificates:
GET https://api.cloud.com/accessSecurity/certificate
Successful response sample
An empty 201 Created response with a JSON body:
{
"items": [
{
"certificateName": "TestName",
"certificateId": "b232288e2-cdf0-430e-adac-5b100271ad3d"
},
{
"certificateName": "TestName1",
"certificateId": "a568352e2-cdf0-430e-daca-5b100271ad3d"
}
]
}
<!--NeedCopy-->
For detailed information on how to list all certificates using the Secure Private Access API, see Handling Application Certificates.
Note:
You can also get the list of application certificates from the Secure Private Access service user interface. Navigate to the Applications tab. When you add or edit an application using the user interface, you can view the list of certificates in the Direct Access section.
2. Get certificate for a specific application
The following is an example of a GET request and response for getting the certificate of a specific application and a specific URL. The applications’s UUID and the encoded URL are appended to the request URL:
GET https://api.cloud.com/accessSecurity/application/<uuid:applicationId>/domain/<path:encodedURL>
Successful response sample
A 200 OK response with a JSON body that contains a certificate object:
{
"certificateName": "TestName",
"certificateId": "b232288e2-cdf0-430e-adac-5b100271ad3d",
"domain": "test.com",
"message": "Test Message"
}
<!--NeedCopy-->
For detailed information on how to get a specific certificate using the Secure Private Access API, see Handling Application Certificates.
Note:
You can also get the certificate for a specific application from the Secure Private Access service user interface. Navigate to the Applications tab. When you add or edit an application using the user interface, you can view the list of certificates in the Direct Access section.
3. Create a certificate
The following is an example of a POST request and response for creating a new certificate:
POST https://api.cloud.com/accessSecurity/certificate
Request body sample
{
"certificateName": "TestName",
"certificate": "Certificate Base64 Encoded",
"certificatePassword": "Certificate Password"
}
<!--NeedCopy-->
Successful response sample
An empty 201 Created response with a JSON body:
{
"certificateName": "TestName",
"certificateId": "b232288e2-cdf0-430e-adac-5b100271ad3d"
}
<!--NeedCopy-->
For detailed information on how to create a certificate using the Secure Private Access API, see Handling Application Certificates.
Note:
You can also add a new certificate from the Secure Private Access service user interface.
Navigate to the Applications tab.
Add or edit an application.
In the Direct Access section select Add new SSL certificate.
Upload the “.pem” or “.pfx” file.
4. Associate a certificate with an application
The following is an example of a PUT request and response for correlating a certificate with a specific application and URL. The applications’s UUID and the encoded URL are appended to the request URL:
PUT https://api.cloud.com/accessSecurity/application/<uuid:applicationId>/domain/<path:encodedURL>
Request body sample
{
"certificateId": "b232288e2-cdf0-430e-adac-5b100271ad3d"
}
<!--NeedCopy-->
Successful response sample
A 204 NO CONTENT response with an empty body.
For detailed information on how to associate a certificate with an application using the Secure Private Access API, see Handling Application Certificates.
Note:
You can also add a new certificate from the Secure Private Access service user interface.
Navigate to the Applications tab.
Add or edit an application.
In the Direct Access section select Add new SSL certificate.
Upload the “.pem” or “.pfx” file. Optionally, you can use a password for the certificate.
5. Disassociate a certificate from an application
The following is an example of a DELETE request and response for disassociating a certificate with an application and URL. The applications’s UUID and the encoded URL are appended to the request URL:
DELETE https://api.cloud.com/accessSecurity/application/<uuid:applicationId>/domain/<path:encodedURL>
Successful response sample
A 204 NO CONTENT response with an empty body.
For detailed information on how to disassociate a certificate from a specific application using the Secure Private Access API, see Handling Application Certificates.
Note:
You can also disassociate a certificate from an application and a domain from the Secure Private Access service user interface.
Navigate to the Applications tab.
Add or edit an application.
In the Direct Access section, click the - button next to the SSL certificate field.
6. Delete a certificate
The following is an example of a DELETE request and response for deleting a certificate. The certificate’s UUID is appended to the request URL:
DELETE https://api.cloud.com/accessSecurity/certificate/{{certificateUUID}}`
Successful response sample
A 204 NO CONTENT response with an empty body.
-
For detailed information on how to delete a certificate using the Secure Private Access API, see Handling Application Certificates.
-
For more information on handling certificates in the Secure Private Access service user interface, see Direct access to Enterprise web apps.