Skip To Content

SSL Certificate

Description

The certificate resource returns information for a specific certificate. It also provides access to the export, delete, importSignedCertificate, and generateCSR certificate operations.

A certificate represents a key pair that has been digitally signed and acknowledged by a certificate authority (CA). It is a fundamental component in enabling SSL on a server. This resource returns information about an individual certificate. New self-signed certificates created by the generate certificate operation are added to the keystore. For browsers and other HTTP client applications to trust the SSL connection on the server, these certificates must be digitally signed by a CA and imported into the keystore.

Note:

Typically, certificates are associated with a machine name. If the name of the machine changes, the certificate must be regenerated.

Note:

Even though a self-signed certificate can be used to enable SSL, it is recommended that you use a self-signed certificate on staging and development servers.

Request parameters

ParameterDetails
f

The response format. The default response format is html.

Values: html | json | pjson

Example usage

The following is a sample request URL for a certificate resource:

https://machine.domain.com/webadaptor/admin/machines/MACHINE.DOMAIN.COM/sslcertificates/selfSignedCertificate?f=json

JSON Response syntax


{
  "aliasName": "<alias>",
  "entryType": "PrivateKeyEntry",
  "issuer": "<certificate issuer information>",
  "subject": "<certificate subject information>",
  "subjectAlternativeName": [<alternate name information>],
  "validFrom": "<starting date and time information for certificate validity>",
  "validUntil": "<ending date and time information for certificate validity>",
  "validFromEpoch": "<Epoch format of the starting date above>", //Introduced at ArcGIS Enterprise 11.1
  "validUntilEpoch": "<Epoch format of the ending date above>",  //Introduced at ArcGIS Enterprise 11.1
  "keyAlgorithm": "<key algorithm>",
  "keySize": "<key size>",
  "serialNumber": "<serial number>",
  "version": "3",
  "signatureAlgorithm": "<signature algorithm>",
  "keyUsage": [<key usage>],
  "md5Fingerprint": "<MD5 fingerprint>",
  "sha1Fingerprint": "<SHA1 fingerprint>",
  "sha256Fingerprint": "<SHA256 fingerprint>"
}

JSON Response example

The following is a sample JSON Response for a self-signed certificate:


{
  "aliasName": "selfsignedcertificate",
  "entryType": "PrivateKeyEntry",
  "issuer": "CN=SERVER.COMPANY.COM, O=SelfSignedCertificate",
  "subject": "CN=SERVER.COMPANY.COM, O=SelfSignedCertificate",
  "subjectAlternativeNames": ["DNSName: MACHINE.DOMAIN.COM"],
  "validFrom": "Fri Dec 16 06:07:04 PST 2022",
  "validUntil": "Sun Oct 24 07:07:04 PDT 2055",
  "validFromEpoch": 1671199624000,
  "validUntilEpoch": 2707999624000,
  "keyAlgorithm": "RSA",
  "keySize": 2048,
  "serialNumber": "64ed6d0f",
  "version": 3,
  "signatureAlgorithm": "SHA256withRSA",
  "keyUsage": [],
  "md5Fingerprint": "a1dbaf706d2befc43beaf9bfb9f639df",
  "sha1Fingerprint": "980fbeaa248f624144ee87e192da473f6c8ea78f",
  "sha256Fingerprint": "fef71dd8827b30b2b88032cc6f035a2a6aa810f2ce324cbecbb3fdeced0279d1"
}