Save TrustStore Template
The API will create and update the truststore bundle configuration and this consist of target and source configuration info.
Request Structure
| Endpoint: | /kube-save-truststore-template |
| Type: | POST |
| Sample URL: | https://<IP/HostName/TenantName>:<GWPORT>/avxapi/kube-save-truststore-template?gwsource=externalTo understand the elements of the sample URL, click here. |
| Headers: | |
| Content-Type: | application/json |
| Name | Description |
|---|---|
| sessionId
|
(Mandatory) A unique identifier assigned to a
user's session upon successful authentication. The session ID
remains valid until it expires, and it can contain alphanumeric
characters. Type: String Constraints: The session ID is used when username and password are not provided. Example:
|
| gwsource
|
(Mandatory) Source from which the request is
triggered. Type: String Example:
|
| payload
|
(Mandatory) Input data for request body in application/json format. For payload details, see Payload section. |
Payload
| Name | Description |
|---|---|
| name
|
Name of the trust store template. |
| targetClean
|
Indicates that existing content in the target Kubernetes
Secrets and ConfigMaps should be cleared or not before storing
the new trust store. The possible values are:
|
| kind
|
Specifies the type of trust store being created. |
| appviewxSourceDataList
|
Details of the the certificate sources to be included in the trust store. See appviewxSourceDataList. |
| secrets
|
Details of the secrete the where the trust store will be saved. See appviewxSourceDataList. |
| configMaps
|
Details of the configMaps the where the trust store will be saved. See appviewxSourceDataList. |
| Name | Description |
|---|---|
| certificateAuthority
|
The name of the certificate authority. For example: AppViewX. |
| category
|
The category of the certificate. The optiones are:
|
| commonName
|
The common name of the certificate. For example: AppViewX Intermediate CA. |
| serialNumbers
|
A list of valid serial numbers to identify specific certificates.
If you use .* instead of specific serial numbers,
it means all serial numbers that match the given certificate
authority (CA) configuration will be considered. |
| intermediateChainRequired
|
The requirement of the intermediate certificate chain. |
| Name | Description |
|---|---|
| name
|
The name of the secret. |
| namespaces
|
List of valid namespaces. Either provide the exact name or use regex (for example: truststore.*). |
| keyName
|
The keyName is used as key to store truststore certificate content as that key value in configmap. |
| Name | Description |
|---|---|
| name
|
The name of the secret. |
| namespaces
|
List of valid namespaces. Either provide the exact name or use regex (for example: truststore.*). |
| keyName
|
keyName is used as key to store truststore certificate content as that key value in configmap/secret. |
Status Codes
| HTTP Status code | appStatusCode | Message and Possible remediation |
|---|---|---|
| 200 OK | NA | Success |
| 400 Bad Request | KUBEPLUS-0017 | Mandatory field is missing or invalid values
specified - <<field name>> Possible remediation: Check and ensure that valid value is provided for <<field name>> field in the request. |
| 401 Unauthorized | AVX_GW_003 | Authentication failed, reason - Invalid
Credentials Possible remediation: Ensure that valid username and password or valid sessionId is provided as the header param. |
Sample Request/Response
https://<IP/HostName/TenantName>:<GWPORT>/avxapi/kube-save-truststore-template?gwsource=kube
{
"payload":{
"name" : "truststore-1",
"targetClean" : true,
"kind" : "TrustStoreCluster",
"appviewxSourceDataList" : [
{
"certificateAuthority" : "Amazon",
"category" : "Root CA",
"commonName" : "Amazon Root CA 4",
"serialNumbers" : [
"06:6C:9F:D7:C1:BB:10:4C:29:43:E5:71:7B:7B:2C:C8:1A:C1:0E"
],
"intermediateChainRequired" : false
},
{
"certificateAuthority" : "AppViewX",
"category" : "Intermediate CA",
"commonName" : "AppViewX Intermediate CA",
"serialNumbers" : [
"08:E5:54:A0:54:44:1B:29:CC:E3:ED:87:B8:7D:98:AD"
],
"intermediateChainRequired" : true
}
],
"secrets" : [
{
"name" : "secret1",
"namespaces" : [
"truststore-ns-1"
],
"keyName" : "truststoreContent"
}
],
"configMaps" : [
{
"name" : "configmap1",
"namespaces" : [
"truststore-ns-1"
],
"keyName" : "truststoreContent"
}
]
}
}{
"response": {
"messageType": "SUCCESS",
"message": "Trust store updated successfully"
},
"message": "Trust store updated successfully",
"appStatusCode": "success",
"tags": null,
"headers": null
}Reference
- IP/HostName/TenantName: Replace with the actual IP address, hostname,
or tenant name based on the specific configuration in AppViewX.
- IP: A unique identifier assigned to each device connected to
a computer network that uses the Internet Protocol for communication
The IP address will be included in the endpoint URL for an on-prem deployment.
- HostName: A human-readable label assigned to a device (host)
on a network
The hostname will be included in the endpoint URL for an on-prem deployment.
- TenantName: An identifier label for a tenant given to
indicate which tenant's data the API request will
access/modify
The tenant name will be included in the endpoint URL for a SaaS deployment.
- IP: A unique identifier assigned to each device connected to
a computer network that uses the Internet Protocol for communication
- GWPORT: AppViewX gateway port
A gateway port refers to a network port through which data is sent and received to communicate with a gateway in an on-prem deployment.
Example: 31443
- avxapi: Path parameter value (static) that is part of the endpoint's URL
- Endpoint: Endpoint of the API, for example: execute-hook
- gwsource: Source or origin of a gateway, for example: external.