Difference between revisions of "Manage Certificate SOAP"

 
Line 1: Line 1:
 +
{{BC|Community Sandbox}}
 +
__FORCETOC__
 +
<div class="col-md-12 ibox-content">
 +
=Manage Certificate SOAP=
 +
{{KB|{{Unsupported}}|{{ZCS 7.0}}|{{ZCS 6.0}}|}}
 
{{Archive}}{{WIP}}Certificate Admin Extension gives ZCS an easy way to install Certificates, either self-signed or commercial, on the ZCS server easily.
 
{{Archive}}{{WIP}}Certificate Admin Extension gives ZCS an easy way to install Certificates, either self-signed or commercial, on the ZCS server easily.
  
Line 94: Line 99:
  
 
</pre>
 
</pre>
 
+
{{Article Footer|Zimbra Collaboration 7.0, 6.0|04/16/2014}}
 
[[Category:Certificate]]
 
[[Category:Certificate]]
 
[[Category:SOAP]]
 
[[Category:SOAP]]

Latest revision as of 10:30, 12 July 2015

Manage Certificate SOAP

   KB 5671        Last updated on 2015-07-12  




0.00
(0 votes)

Certificate Admin Extension gives ZCS an easy way to install Certificates, either self-signed or commercial, on the ZCS server easily.

The soap commands we used in the extension are the following


urn:zimbraAdmin


  • If target Server id is "--- All Servers ---", the soap call will apply to all the servers. A flag will be set for the zmcertmgr
<GetCertRequest type="staged|all|mta|mailboxd|proxy|ldap" option="self|comm"
	server="server-id">
</GetCertRequest>

<GetCertResponse>
	<cert type="staged|mta|mailboxd|proxy|ldap" server="server-name"> 
		<name>{value}</name>*
	</cert>
</GetCertResponse>

type: (required) 
	  staged - view the staged crt
	  other options are used to view the deployed crt	
option: (optional)
	  it only matters when the type is staged.
server: (required) server id, 
Name: C, ST, L, O, OU, CN, SubjectAltName
Note: now only staged and all is handled. May need to support other options in the future
<GetCSRRequest type="self|comm" server="server-id">
	
</GetCSRRequest>
<GetCSRResponse csr_exists="0|1" isComm="0|1" server="server-name">
	<name>{value}</name>*
</GetCSRResponse>

Name: C, ST, L, O, OU, CN, SubjectAltName
csr_exits: 0 - doesn't exist, 1 - exists
isComm (Currently not working/used): is the commercially signed cert exists 0 - doesn't exist, 1 - exists
<GenCSRRequest new="0|1" type="self|comm" server="server-id" keysize="1024|2048">
  	<name>{value}</name>*
</GenCSRRequest>

<GenCSRResponse server="server-name">
	<name>{value}</name>*
</GenCSRResponse>
Request a CSR:
Subject Attributes: C, ST, L, O, OU, CN,
subject: example /C=US/ST=N_A/L=N_A/O=Zimbra Collaboration Suite/CN=admindev.zimbra.com
new: 1 - force to create a new CSR, the previous one will be overwrited
SubjectAltName: 0|*, it is used to add the Subject Alt Name extension in the certificate, so multiple hosts can be supported
<InstallCertRequest type="self|comm" server="server-id">
  	<subject>
  	    <{name}>{value}</{name}>*
  	</subject>
  	<SubjectAltName>{value}</SubjectAltName>*
  	<validation_days>{value}</validation_days> ?
  	<keysize>{1024|2048}</keysize>?
  	<comm_cert>
  		<cert>
  			<aid>{value}</aid>
  			<filename>{value></filename>
  		</cert>
  		<rootCA>
  			<aid>{value}</aid>
  			<filename>{value></filename>
  		</rootCA>?
  		<intermediateCA>
  			<aid>{value}</aid>
  			<filename>{value></filename>
  		</intermediateCA>*		
	</comm_cert>?
</InstallCertRequest>

<InstallCertResponse server="server-name" />

Ask server to install the certificates
validation_days: required, number of the validation days of the self signed certificate,
keysize: 1024|2048, key length of the self-signed certificate
aid: attachedment ID of the uploaded commercial certificate

Verified Against: Zimbra Collaboration 7.0, 6.0 Date Created: 04/16/2014
Article ID: https://wiki.zimbra.com/index.php?title=Manage_Certificate_SOAP Date Modified: 2015-07-12



Try Zimbra

Try Zimbra Collaboration with a 60-day free trial.
Get it now »

Want to get involved?

You can contribute in the Community, Wiki, Code, or development of Zimlets.
Find out more. »

Looking for a Video?

Visit our YouTube channel to get the latest webinars, technology news, product overviews, and so much more.
Go to the YouTube channel »

Jump to: navigation, search