| API Description | API Path |
|---|---|
Return All Added CRLsReturns information about all CRLs. For additional information, include the ?details=true modifier at the end of the request URI. |
GET /policy/api/v1/infra/crls
GET /policy/api/v1/global-infra/crls |
Delete a CRLDeletes an existing CRL. |
DELETE /policy/api/v1/infra/crls/{crl-id}
|
Show CRL Data for the Given CRL id.Returns information about the specified CRL. For additional information, include the ?details=true modifier at the end of the request URI. |
GET /policy/api/v1/infra/crls/{crl-id}
GET /policy/api/v1/global-infra/crls/{crl-id} |
Create or patch a Certificate Revocation ListCreate or patch a Certificate Revocation List for the given id. The CRL is used to verify the client certificate status against the revocation lists published by the CA. For this reason, the administrator needs to add the CRL in certificate repository as well. The CRL must contain PEM data for a single CRL. A CRL can be in the PEM X.509 format (crl_type=X509) or JSON OneCRL (crl_type=OneCRL). If crl_type is not specified, it is auto-detected based on the presence of fields pem_encoded or one_crl. |
PATCH /policy/api/v1/infra/crls/{crl-id}
|
Create a new Certificate Revocation ListAdds a new certificate revocation list (CRLs). The CRL is used to verify the client certificate status against the revocation lists published by the CA. For this reason, the administrator needs to add the CRL in certificate repository as well. A CRL can be in the PEM X.509 format (crl_type=X509) or JSON OneCRL (crl_type=OneCRL). If crl_type is not specified, it is auto-detected based on the presence of fields pem_encoded or one_crl. An X.509 CRL can contain a single CRL or multiple CRLs depending on the PEM data. - Single CRL: a single CRL is created with the given id. - Composite CRL: multiple CRLs are generated. Each of the CRL is created with an id generated based on the given id. First CRL is created with crl-id, second with crl-id-1, third with crl-id-2, etc. |
POST /policy/api/v1/infra/crls/{crl-id}?action=import
|
Upload a new or updated Certificate Revocation ListAdds or replaces a certificate revocation list (CRLs). The CRL is used to verify the client certificate status against the revocation lists published by the CA. For this reason, the administrator needs to add the CRL in certificate repository as well. A CRL can be in the PEM X.509 format (crl_type=X509) or JSON OneCRL (crl_type=OneCRL). If crl_type is not specified, it is auto-detected based on the upload content. An X.509 CRL can contain a single CRL or multiple CRLs depending on the PEM data. - Single CRL: a single CRL is created with the given id. - Composite CRL: multiple CRLs are generated. Each of the CRL is created with an id generated based on the given id. First CRL is created with crl-id, second with crl-id-1, third with crl-id-2, etc. Differently from action=import, this method allows multi-part upload of the CRL(s). The TlsCrl resource returned in the body of the response will have an empty pem_encoded field, as it may be large. Use a GET request to retrieve the PEM-encoded CRL. |
POST /policy/api/v1/infra/crls/{crl-id}?action=upload
|
Create or fully replace a Certificate Revocation ListCreate or replace a Certificate Revocation List for the given id. The CRL is used to verify the client certificate status against the revocation lists published by the CA. For this reason, the administrator needs to add the CRL in certificate repository as well. The CRL must contain PEM data for a single CRL. Revision is required. A CRL can be in the PEM X.509 format (crl_type=X509) or JSON OneCRL (crl_type=OneCRL). If crl_type is not specified, it is auto-detected based on the presence of fields pem_encoded or one_crl. |
PUT /policy/api/v1/infra/crls/{crl-id}
|