Manage Certificate SOAP: Difference between revisions
No edit summary |
No edit summary |
||
Line 1: | Line 1: | ||
{{BC|Community Sandbox}} | |||
__FORCETOC__ | |||
<div class="col-md-12 ibox-content"> | |||
=Manage Certificate SOAP= | |||
{{KB|{{Unsupported}}|{{ZCS 7.0}}|{{ZCS 6.0}}|}} | |||
{{Archive}}{{WIP}}Certificate Admin Extension gives ZCS an easy way to install Certificates, either self-signed or commercial, on the ZCS server easily. | {{Archive}}{{WIP}}Certificate Admin Extension gives ZCS an easy way to install Certificates, either self-signed or commercial, on the ZCS server easily. | ||
Line 94: | Line 99: | ||
</pre> | </pre> | ||
{{Article Footer|Zimbra Collaboration 7.0, 6.0|04/16/2014}} | |||
[[Category:Certificate]] | [[Category:Certificate]] | ||
[[Category:SOAP]] | [[Category:SOAP]] |
Latest revision as of 10:30, 12 July 2015
Manage Certificate SOAP
- This is archive documentation, which means it is not supported or valid for recent versions of Zimbra Collaboration.
- This article is a Work in Progress, and may be unfinished or missing sections.
Certificate Admin Extension gives ZCS an easy way to install Certificates, either self-signed or commercial, on the ZCS server easily.
The soap commands we used in the extension are the following
urn:zimbraAdmin
- If target Server id is "--- All Servers ---", the soap call will apply to all the servers. A flag will be set for the zmcertmgr
<GetCertRequest type="staged|all|mta|mailboxd|proxy|ldap" option="self|comm" server="server-id"> </GetCertRequest> <GetCertResponse> <cert type="staged|mta|mailboxd|proxy|ldap" server="server-name"> <name>{value}</name>* </cert> </GetCertResponse> type: (required) staged - view the staged crt other options are used to view the deployed crt option: (optional) it only matters when the type is staged. server: (required) server id, Name: C, ST, L, O, OU, CN, SubjectAltName Note: now only staged and all is handled. May need to support other options in the future
<GetCSRRequest type="self|comm" server="server-id"> </GetCSRRequest>
<GetCSRResponse csr_exists="0|1" isComm="0|1" server="server-name"> <name>{value}</name>* </GetCSRResponse> Name: C, ST, L, O, OU, CN, SubjectAltName csr_exits: 0 - doesn't exist, 1 - exists isComm (Currently not working/used): is the commercially signed cert exists 0 - doesn't exist, 1 - exists
<GenCSRRequest new="0|1" type="self|comm" server="server-id" keysize="1024|2048"> <name>{value}</name>* </GenCSRRequest> <GenCSRResponse server="server-name"> <name>{value}</name>* </GenCSRResponse> Request a CSR: Subject Attributes: C, ST, L, O, OU, CN, subject: example /C=US/ST=N_A/L=N_A/O=Zimbra Collaboration Suite/CN=admindev.zimbra.com new: 1 - force to create a new CSR, the previous one will be overwrited SubjectAltName: 0|*, it is used to add the Subject Alt Name extension in the certificate, so multiple hosts can be supported
<InstallCertRequest type="self|comm" server="server-id"> <subject> <{name}>{value}</{name}>* </subject> <SubjectAltName>{value}</SubjectAltName>* <validation_days>{value}</validation_days> ? <keysize>{1024|2048}</keysize>? <comm_cert> <cert> <aid>{value}</aid> <filename>{value></filename> </cert> <rootCA> <aid>{value}</aid> <filename>{value></filename> </rootCA>? <intermediateCA> <aid>{value}</aid> <filename>{value></filename> </intermediateCA>* </comm_cert>? </InstallCertRequest> <InstallCertResponse server="server-name" /> Ask server to install the certificates validation_days: required, number of the validation days of the self signed certificate, keysize: 1024|2048, key length of the self-signed certificate aid: attachedment ID of the uploaded commercial certificate