The REST API provides the following methods for managing security objects:
- GET /admin/security/info
- POST /admin/security/ssl/certificate
- POST /admin/security/ssl/privatekey
- POST /admin/security/symmetrickey
- POST /admin/security/ssh/privatekey
- POST /admin/security/ssh/publickey
- POST /admin/security/rpg/privatekeyring
- POST /admin/security/rpg/publickeyring
- DELETE /admin/security/ssl/certificate
- DELETE /admin/security/ssl/privatekey
- DELETE /admin/security/symmetrickey
- DELETE /admin/security/ssh/privatekey
- DELETE /admin/security/ssh/publickey
- DELETE /admin/security/rpg/privatekeyring
- DELETE /admin/security/rpg/publickeyring
- PUT /admin/security/ssl/certificate
- PUT /admin/security/ssl/privatekey
- PUT /admin/security/symmetrickey
- PUT /admin/security/ssh/privatekey
- PUT /admin/security/ssh/publickey
- PUT /admin/security/rpg/privatekeyring
- PUT /admin/security/rpg/publickeyring
Security object methods enable the querying of security objects that exist on the Rhapsody engine, and the adding and deleting security objects from the Rhapsody engine.
They are only available over HTTPS, and the user must have the appropriate Access Rights to perform these actions.
When posting security objects to the engine, the data element of the JSON sent to the engine should contain the security object encoded as base64. You must ensure that the tool you use for base64 encoding does not insert line-breaks when generating base64, as this may lead to errors.
When you add or delete a security object, you must restart the component using that security object in order for the change to take effect.
GET /admin/security/info
URI |
|
|---|---|
Description |
Returns a list of all the security objects. |
Request Header |
|
|
|
Accept: application/vnd.orchestral.rhapsody.6_2_3+json |
|
Request Body |
Empty. |
Response Status |
|
| Response Body |
"securityObjects": [
{
"alias": "filezilla-ftp2-cer",
"type": "SSL_CERTIFICATE",
"expiry": "20250711T122640.000+1200"
},
{
"alias": "DSA with SHA1",
"type": "SSL_PRIVATE_KEY",
"expiry": "20301220T135610.000+1300"
},
{
"alias": "rhap-test-diff-keyring-pub",
"type": "RPG_PUBLIC_KEY_RING",
"keys": [
{
"keyId": "0x6E574F64",
"expiry": "20170215T120000.000+1300"
},
{
"keyId": "0xB80B8740",
"expiry": "20180214T000000.000+1300"
},
{
"keyId": "0x005F471F",
"expiry": null
}
]
},
{
"alias": "rhap-test-diff-keyring-sec",
"type": "RPG_PRIVATE_KEY_RING",
"keys": [
{
"keyId": "0x6E574F64",
"expiry": null
},
{
"keyId": "0xB80B8740",
"expiry": null
},
{
"keyId": "0x005F471F",
"expiry": null
}
]
}
]
|
Access Rights |
'View certificates and keys REST API'. |
POST /admin/security/ssl/certificate
URI |
|
|---|---|
Description |
Adds an SSL certificate to the engine. The alias must be unique on the engine. An optional commit comment can be provided. |
Request Header |
|
Content-Type: vnd.orchestral.rhapsody.6_0+jsonCSRF Protection Enabled |
|
Request Body |
An SSL certificate object, for example: {
"alias": "sslCertificate",
"data": "lmaWNhdGU6DQogICAgRGF0YToNCiAgICAgICAgVmVyc2lvbjogMyAoMHgyKQ0KICAgICAgICBTZXJpYWwgTnVt
YmVyOg0KICAgICAgICAgICAgYzg6MWQ6ZGM6MGU6ZWI6MzQ6OWQ6MjQNCiAgICBTaWduYXR1cmUgQWxnb3JpdGhtOiBzaGEx
V2l0aFJTQUVuY3J5cHRpb24NCiAgICAgICAgSXNzdWVyOiBDPU5aLCBTVD1Ob3J0aCBJc2xhbmQsIEw9QXVja2xhbmQsIE89
T3Jpb24gSGVhbHRoLCBPVT1SaGFwc29",
"commitComment":"myComment"
}
|
Response Status |
|
| Response Body | Empty. |
Access Rights |
'Write certificates and keys REST API'. |
POST /admin/security/ssl/privatekey
URI |
|
|---|---|
Description |
Adds an SSL private key to the engine. The alias must be unique on the engine. The password must be the correct password for the private key. An optional commit comment can be provided. |
Request Header |
|
|
|
Request Body |
An SSL private key object, for example: {
"alias": "sslCertificate",
"password": "secret",
"data": "lmaWNhdGU6DQogICAgRGF0YToNCiAgICAgICAgVmVyc2lvbjogMyAoMHgyKQ0KICAgICAgICBTZXJpYWwgTnVt
YmVyOg0KICAgICAgICAgICAgYzg6MWQ6ZGM6MGU6ZWI6MzQ6OWQ6MjQNCiAgICBTaWduYXR1cmUgQWxnb3JpdGhtOiBzaGEx
V2l0aFJTQUVuY3J5cHRpb24NCiAgICAgICAgSXNzdWVyOiBDPU5aLCBTVD1Ob3J0aCBJc2xhbmQsIEw9QXVja2xhbmQsIE89
T3Jpb24gSGVhbHRoLCBPVT1SaGFwc29",
"commitComment":"myComment"
}
|
Response Status |
|
| Response Body | Empty. |
Access Rights |
'Write certificates and keys REST API'. |
POST /admin/security/symmetrickey
URI |
|
|---|---|
Description |
Adds a symmetric key to the engine. The alias must be unique on the engine. The type must be the name of a supported symmetric key algorithm. The supported algorithms are: AES, Blowfish, CAST5, CAST6, DES, DESede, RC2, RC5, RC6, Rijndael, Skipjack, Twofish, Serpent, RC4. An optional commit comment can be provided. |
Request Header |
|
|
|
Request Body |
A symmetric key object, for example: {
"alias": "symmetricKey",
"type": "AES",
"data": "lmaWNhdGU6DQogICAgRGF0YToNCiAgICAgICAgVmVyc2lvbjogMyAoMHgyKQ0KICAgICAgICBTZXJpYWwgTnVt
YmVyOg0KICAgICAgICAgICAgYzg6MWQ6ZGM6MGU6ZWI6",
"commitComment":"myComment"
}
|
Response Status |
|
| Response Body | Empty. |
Access Rights |
'Write certificates and keys REST API'. |
POST /admin/security/ssh/privatekey
URI |
|
|---|---|
Description |
Adds an SSH private key to the engine. The alias must be unique on the engine. The passphrase must be the correct passphrase for the SSH private key. An optional commit comment can be provided. |
Request Header |
|
|
|
Request Body |
A SSH private key object, for example: {
"alias": "sshKey",
"passphrase": "secret",
"data": "lmaWNhdGU6DQogICAgRGF0YToNCiAgICAgICAgVmVyc2lvbjogMyAoMHgyKQ0KICAgICAgICBTZXJpYWwgTnVt
YmVyOg0KICAgICAgICAgICAgYzg6MWQ6ZGM6MGU6ZWI6MzQ6OWQ6MjQNCiAgICBTaWduYXR1cmUgQWxnb3JpdGhtOiBzaGEx
V2l0aFJTQUVuY3J5cHRpb24NCiAgICAgICAgSXNzdWVyOiBDPU5aLCBTVD1Ob3J0aCBJc2xhbmQsIEw9QXVja2xhbmQsIE89
T3Jpb24gSGVhbHRoLCBPVT1SaGFwc29",
"commitComment":"myComment"
}
|
Response Status |
|
| Response Body | Empty. |
Access Rights |
'Write certificates and keys REST API'. |
POST /admin/security/ssh/publickey
URI |
|
|---|---|
Description |
Adds an SSH public key to the engine. The alias must be unique on the engine. An optional commit comment can be provided. |
Request Header |
|
|
|
Request Body |
An SSH public key object, for example: {
"alias": "sshKey",
"data": "lmaWNhdGU6DQogICAgRGF0YToNCiAgICAgICAgVmVyc2lvbjogMyAoMHgyKQ0KICAgICAgICBTZXJpYWwgTnVt
YmVyOg0KICAgICAgICAgICAgYzg6MWQ6ZGM6MGU6ZWI6MzQ6OWQ6MjQNCiAgICBTaWduYXR1cmUgQWxnb3JpdGhtOiBzaGEx
V2l0aFJTQUVuY3J5cHRpb24NCiAgICAgICAgSXNzdWVyOiBDPU5aLCBTVD1Ob3J0aCBJc2xhbmQsIEw9QXVja2xhbmQsIE89
T3Jpb24gSGVhbHRoLCBPVT1SaGFwc29",
"commitComment":"myComment"
}
|
Response Status |
|
| Response Body | Empty. |
Access Rights |
'Write certificates and keys REST API'. |
POST /admin/security/rpg/privatekeyring
URI |
|
|---|---|
Description |
Adds an RPG private keyring to the engine. The alias must be unique on the engine. The password must be the correct password for the private key. An optional commit comment can be provided. |
Request Header |
|
|
|
Request Body |
An RPG private keyring object, for example: {
"alias": "rpgPrivateKeyring",
"passphrase": "secret",
"data": "lmaWNhdGU6DQogICAgRGF0YToNCiAgICAgICAgVmVyc2lvbjogMyAoMHgyKQ0KICAgICAgICBTZXJpYWwgTnVt
YmVyOg0KICAgICAgICAgICAgYzg6MWQ6ZGM6MGU6ZWI6MzQ6OWQ6MjQNCiAgICBTaWduYXR1cmUgQWxnb3JpdGhtOiBzaGEx
V2l0aFJTQUVuY3J5cHRpb24NCiAgICAgICAgSXNzdWVyOiBDPU5aLCBTVD1Ob3J0aCBJc2xhbmQsIEw9QXVja2xhbmQsIE89
T3Jpb24gSGVhbHRoLCBPVT1SaGFwc29",
"commitComment":"myComment"
}
|
Response Status |
|
| Response Body | Empty. |
Access Rights |
'Write certificates and keys REST API'. |
POST /admin/security/rpg/publickeyring
URI |
|
|---|---|
Description |
Adds an RPG public keyring to the engine. The alias must be unique on the engine. An optional commit comment can be provided. |
Request Header |
|
|
|
Request Body |
An RPG public keyring object, for example: {
"alias": " rpgPublicKeyring",
"data": "lmaWNhdGU6DQogICAgRGF0YToNCiAgICAgICAgVmVyc2lvbjogMyAoMHgyKQ0KICAgICAgICBTZXJpYWwgTnVt
YmVyOg0KICAgICAgICAgICAgYzg6MWQ6ZGM6MGU6ZWI6MzQ6OWQ6MjQNCiAgICBTaWduYXR1cmUgQWxnb3JpdGhtOiBzaGEx
V2l0aFJTQUVuY3J5cHRpb24NCiAgICAgICAgSXNzdWVyOiBDPU5aLCBTVD1Ob3J0aCBJc2xhbmQsIEw9QXVja2xhbmQsIE89
T3Jpb24gSGVhbHRoLCBPVT1SaGFwc29",
"commitComment":"myComment"
}
|
Response Status |
|
| Response Body | Empty. |
Access Rights |
'Write certificates and keys REST API'. |
DELETE /admin/security/ssl/certificate
URI |
|
|---|---|
Description |
Deletes an SSL certificate with the option of adding a commit comment. |
Request Header |
|
|
|
Request Body |
The alias and commit comment in JSON format, for example: {
"alias":"sslCertificate",
"commitComment":"myComment"
}
|
Response Status |
|
| Response Body | Empty. |
Access Rights |
'Write certificates and keys REST API'. |
DELETE /admin/security/ssl/privatekey
URI |
|
|---|---|
Description |
Deletes an SSL private key with the option of adding a commit comment. |
Request Header |
|
CSRF Protection Enabled |
|
Request Body |
The alias and commit comment in JSON format, for example: {
"alias":"sslKey",
"commitComment":"myComment"
}
|
Response Status |
|
| Response Body | Empty. |
Access Rights |
'Write certificates and keys REST API'. |
DELETE /admin/security/symmetrickey
URI |
|
|---|---|
Description |
Deletes a symmetric key with the option of adding a commit comment. |
Request Header |
|
|
|
Request Body |
The alias and commit comment in JSON format, for example: {
"alias":"symmetricKey",
"commitComment":"myComment"
}
|
Response Status |
|
| Response Body | Empty. |
Access Rights |
'Write certificates and keys REST API'. |
DELETE /admin/security/ssh/privatekey
URI |
|
|---|---|
Description |
Deletes an SSH private key with the option of adding a commit comment. |
Request Header |
|
Content-Type: application/vnd.orchestral.rhapsody.6_0+json CSRF Protection Enabled |
|
Request Body |
The alias and commit comment in JSON format, for example: {
"alias":"sshKey",
"commitComment":"myComment"
}
|
Response Status |
|
| Response Body | Empty. |
Access Rights |
'Write certificates and keys REST API'. |
DELETE /admin/security/ssh/publickey
URI |
|
|---|---|
Description |
Deletes an SSH public key with the option of adding a commit comment. |
Request Header |
|
|
|
Request Body |
The alias and commit comment in JSON format, for example: {
"alias":"sshKey",
"commitComment":"myComment"
}
|
Response Status |
|
| Response Body | Empty. |
Access Rights |
'Write certificates and keys REST API'. |
DELETE /admin/security/rpg/privatekeyring
URI |
|
|---|---|
Description |
Deletes an RPG private keyring with the option of adding a commit comment. |
Request Header |
|
|
|
Request Body |
The alias and commit comment in JSON format, for example: {
"alias":"rpgPrivateKeyring",
"commitComment":"myComment"
}
|
Response Status |
|
| Response Body | Empty. |
Access Rights |
'Write certificates and keys REST API'. |
DELETE /admin/security/rpg/publickeyring
URI |
|
|---|---|
Description |
Deletes an RPG public keyring with the option of adding a commit comment. |
Request Header |
|
|
|
Request Body |
The alias and commit comment in JSON format, for example: {
"alias":"rpgPublicKeyring",
"commitComment":"myComment"
}
|
Response Status |
|
| Response Body | Empty. |
Access Rights |
'Write certificates and keys REST API'. |
PUT /admin/security/ssl/certificate
URI |
|
|---|---|
Description |
Loads a SSL certificate onto the engine, overwriting any existing SSL certificate with the same alias. |
Request Header |
|
|
|
Request Body |
{
"alias":"ssl certificate",
"commitComment":"updated ssl certificate",
"data":"Q2VydGlmaWNhdGU6DQogICAgRGF0YToNCiAgICAgICAgVmVyc2lvbjogMyAo"
}
|
Response Status |
|
| Response Body | Empty. |
Access Rights |
'Write certificates and keys REST API'. |
PUT /admin/security/ssl/privatekey
URI |
|
|---|---|
Description |
Loads a SSL private key onto the engine, overwriting any existing SSL private key with the same alias. |
Request Header |
|
|
|
Request Body |
{
"alias":"ssl private",
"password":"rhapsody",
"commitComment":"updated ssl private key",
"data":"Q2VydGlmaWNhdGU6DQogICAgRGF0YToNCiAgICAgICAgVmVyc2lvbjogMyAo"
}
|
Response Status |
|
Response Body |
Empty. |
Access Rights |
'Write certificates and keys REST API'. |
PUT /admin/security/symmetrickey
URI |
|
|---|---|
Description |
Loads a symmetric key onto the engine, overwriting any existing symmetric key with the same alias. |
Request Header |
|
|
|
Request Body |
{
"alias":"symmetric",
"type":"AES",
"commitComment":"updated symmetric key",
"data":"Q2VydGlmaWNhdGU6DQogICAgRGF0YToNCiAgICAgICAgVmVyc2lvbjogMyAo"
}
|
Response Status |
|
| Response Body | Empty. |
Access Rights |
'Write certificates and keys REST API'. |
PUT /admin/security/ssh/privatekey
URI |
|
|---|---|
Description |
Loads a SSH private key onto the engine, overwriting any existing SSH private key with the same alias. |
Request Header |
|
|
|
Request Body |
{
"alias":"ssh private",
"passphrase":"rhapsody",
"commitComment":"updated ssh private key",
"data":"Q2VydGlmaWNhdGU6DQogICAgRGF0YToNCiAgICAgICAgVmVyc2lvbjogMyAo"
}
|
Response Status |
|
| Response Body | Empty. |
Access Rights |
'Write certificates and keys REST API'. |
PUT /admin/security/ssh/publickey
URI |
|
|---|---|
Description |
Loads a SSH public key onto the engine, overwriting any existing SSH public key with the same alias. |
Request Header |
|
|
|
Request Body |
{
"alias":"ssh public",
"commitComment":"updated ssh public key",
"data":"Q2VydGlmaWNhdGU6DQogICAgRGF0YToNCiAgICAgICAgVmVyc2lvbjogMyAo"
}
|
Response Status |
|
Response Body |
Empty. |
Access Rights |
'Write certificates and keys REST API'. |
PUT /admin/security/rpg/privatekeyring
URI |
|
|---|---|
Description |
Loads an RPG private keyring onto the engine, overwriting any existing RPG private key with the same alias. |
Request Header |
|
|
|
Request Body |
{
"alias":" rpgPrivateKeyring",
"password":"rhapsody",
"commitComment":"updated rpg private key",
"data":"Q2VydGlmaWNhdGU6DQogICAgRGF0YToNCiAgICAgICAgVmVyc2lvbjogMyAo"
}
|
Response Status |
|
| Response Body | Empty. |
Access Rights |
'Write certificates and keys REST API'. |
PUT /admin/security/rpg/publickeyring
URI |
|
|---|---|
Description |
Loads an RPG public keyring onto the engine, overwriting any existing RPG public keyrings with the same alias. |
Request Header |
|
|
|
Request Body |
{
"alias":" rpgPublicKeyring",
"commitComment":"updated rpg public keyring",
"data":"Q2VydGlmaWNhdGU6DQogICAgRGF0YToNCiAgICAgICAgVmVyc2lvbjogMyAo"
}
|
Response Status |
|
Response Body |
Empty. |
Access Rights |
'Write certificates and keys REST API'. |