No results
- Overview
- Resources
- API summary
- List CA sets
- Create a CA set
- Get the latest version of the CA set
- Update a CA set
- Delete a CA set
- Get IDs of all active versions of a CA set
- Get a certain version of the CA set
- Get the latest version of the CA set with certificates listed individually
- Get a certain version of the CA set with certificates listed individually
- Get the certificate by ID
- Get a list of certificates in the latest version of the CA set
- Get a list of certificates in a certain version of the CA set
- Get all active versions of a CA set including trust chains
- Get the deployment status of a CA set
- Deploy a CA set to the network
- Get deployment status of a certain version of the CA set
- Deploy a certain version of the CA set to the network
- Validate a CA set
- Data
- Errors
Trust Chain Manager API v1
Learn more:
Download this API’s RAML and JSON schema descriptors.
Overview
The Trust Chain Manager API lets you create, manage, and deploy CA certificate sets for Akamai to authenticate a client certificate from a user’s browser.
Each CA set contains one or more trusted CA certificates that validate the client certificates presented by a user during the TLS handshake at the Edge - a process called mutual authentication (mTLS).
Think of a “CA set” as a virtual certificate trust store that relates to one or more of your edge certificates. This eases TLS mutual authentication. All CA certificates included in a CA set (whether intermediate or root) are mTLS trust anchors at the Edge. By default, Trust Chain Manager requires each intermediate CA certificate in the CA set to have its signing certificate. It creates a valid certificate chain that terminates at a self-signed root certificate. You may choose to opt out of this root certificate path validation need for a CA set.
You can create one or more CA sets. Each of them contains diverse groupings of trusted intermediate and root certificates. These meet different mTLS requirements. You can manage and access CA certificates within all contracts under the account you created them in. Once a new CA set deploys to both Staging and Production, you can use the CPS API. It applies that set to one or more edge certificates on a contract. This enables mTLS on those certificates.
Get started
To configure this API for the first time:
Review Get Started with APIs for details on how to set up client tokens to access any Akamai API. These tokens appear as custom hostnames that look like this:
https://akzz-XXXXXXXXXXXXXXXX-XXXXXXXXXXXXXXXX.luna.akamaiapis.net.To enable this API, choose the API service named Trust Chain Manager, and set the access level to READ-WRITE.
Get assigned to the TCMEdit role to use the API to its full extent. This includes the operations to change the state of your system. The CPSView and CPSBasic roles limit your use of the API to
read-onlyoperations.
API concepts
This list provides a road map of all the conceptual objects you deal with when interacting with the Trust Chain Manager API, and provides pointers to where you can learn more.
SetFullData. Defines a CA set that contains a collection of one or more valid intermediate or root CA certificates to be trusted for mTLS. It also contains the target deployment network for a new CA set, or the deployment status of an existing CA set. See the SetFullData object type.
SetRef. A response object that contains identifying information for a newly created or recently updated CA set. See the SetRef object type.
Set. A response object for both abbreviated identifying information and deployment status of a CA set used when listing available CA sets. The CA certificates are not included in the abbreviated response. The CA certificates are not included in the abbreviated response. Use the set id included in this object to fetch detailed information for the CA set. See the Set object type.
Deployment. Indicates the target networks for a deployment. You can deploy to Staging or Production networks, as well as validate your CA sets before deployment. See the Deployment object type.
DeploymentState. A response object indicating the deployment status of the CA set. See the DeploymentState object type.
Certificate chain best practice
To ensure you are using a valid intermediate CA certificate in your certificate trust store, you should include the full certificate chain and conduct certificate path validation to a self-signed trust anchor (commonly referred to as the root certificate). By default, Akamai Trust Chain Manager conducts this certificate path validation on each certificate in the TCM certificate set and requires successful validation before network deployment of the set. However, you may opt out of this path validation for a TCM certificate set.
NOTE: By opting out, you acknowledge that all certificates in the set will no longer be verified using certificate path validation to a root certificate and will each be considered a trust anchor on its own merit.
Consider local processes to ensure the certificates included in the TCM certificate set are valid and trusted for their intended purposes. Note that for each subsequent version of the set this validation option may be set individually, as needed.
Resources
This section provides details on each API operation.
NOTE: The API allows you to select a version of the CA set for which it returns data. You can also specify the version yourself by using the
/versions/{version}segment of the URL, where available. You can omit this segment in every endpoint that includes it. If you do so, the API implementation assumes the latest version of the CA set by default.
API summary
Download the RAML descriptors for this API.
| Operation | Method | Endpoint |
|---|---|---|
| List CA sets | GET | /trust-chain-manager/ |
| Create a CA set | POST | /trust-chain-manager/ |
| Get the latest version of the CA set | GET | /trust-chain-manager/ |
| Update a CA set | PUT | /trust-chain-manager/ |
| Delete a CA set | DELETE | /trust-chain-manager/ |
| Get IDs of all active versions of a CA set | GET | /trust-chain-manager/ |
| Get a certain version of the CA set | GET | /trust-chain-manager/ |
| Get the latest version of the CA set with certificates listed individually | GET | /trust-chain-manager/ |
| Get a certain version of the CA set with certificates listed individually | GET | /trust-chain-manager/ |
| Get the certificate by ID | GET | /trust-chain-manager/ |
| Get a list of certificates in the latest version of the CA set | GET | /trust-chain-manager/ |
| Get a list of certificates in a certain version of the CA set | GET | /trust-chain-manager/ |
| Get all active versions of a CA set including trust chains | GET | /trust-chain-manager/ |
| Get the deployment status of a CA set | GET | /trust-chain-manager/ |
| Deploy a CA set to the network | PUT | /trust-chain-manager/ |
| Get deployment status of a certain version of the CA set | GET | /trust-chain-manager/ |
| Deploy a certain version of the CA set to the network | PUT | /trust-chain-manager/ |
| Validate a CA set | POST | /trust-chain-manager/ |
List CA sets
Fetches a list of CA sets. You can specify filters to target specific data within sets. If you don’t specify any filters, this call returns all available sets. The response is an abbreviated Set object. You can then use the setId to fetch detailed information for each set.
GET /trust-chain-manager/
Sample: /trust-chain-manager/
| Parameter | Type | Sample | Description |
|---|---|---|---|
| Optional query parameters | |||
deployedOnProduction |
Boolean | false |
Returns sets whose deployment state on the Production network matches this filter. |
deployedOnStaging |
Boolean | true |
Returns sets whose deployment state on the Staging network matches this filter. |
name |
String | Set1 |
The name of the set. |
Status 200
application/json
Object type: Sets
Download schema: sets.json
Response body:
{
"accountId": "A-123DGC",
"sets": [
{
"name": "Set1",
"id": 123456,
"hasAcknowledgedNoRootCertificate": true,
"deployment": {
"staging": true,
"production": true
}
},
{
"name": "Set10",
"id": 789123,
"hasAcknowledgedNoRootCertificate": false,
"deployment": {
"staging": true,
"production": false
}
}
]
}
Create a CA set
Creates a new CA set using the supplied SetFullData object. Note that if both Staging and Production fields are set to NULL, the CA set will be validated, and validation results returned to the caller, but the set will not be saved or deployed.
See Certificate chain best practice for guidance on certificate validation.
POST /trust-chain-manager/
Content-Type: application/json
Object type: SetFullData
Download schema: set-full-data.json
Request body:
{
"name": "Set1",
"requireRootCertificate": true,
"deployment": {
"staging": true,
"production": true
},
"chains": [
{
"name": "Chain1",
"certificates": "-----BEGIN CERTIFICATE-----\nMIICiTCCAfKgAwIBAgIJAJHSGaH2s0otMA0GCSqGSIb3DQEBCwUAMF8xCzAJBgNV\nBAYTAlVTMQswCQYDVQQIDAJNQTESMBAGA1UEBwwJQ2FtYnJpZGdlMQ8wDQYDVQQK\nDAZBa2FtYWkxHjAcBgNVBAMMFXNvbWUtcm9vdC5leGFtcGxlLmNvbTAeFw0xOTAz\nMDgxOTA3MDhaFw00NjA3MjMxOTA3MDhaMGcxCzAJBgNVBAYTAlVTMQswCQYDVQQI\nDAJNQTESMBAGA1UEBwwJQ2FtYnJpZGdlMQ8wDQYDVQQKDAZBa2FtYWkxJjAkBgNV\nBAMMHXNvbWUtaW50ZXJtZWRpYXRlLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEB\nAQUAA4GNADCBiQKBgQCzuzTQHsW8HHB6cHv7jT/4cETl53jHB1QOK7aVdVO/cK5i\nv8YFB/O2zcXfHbObJTMDp5T33tiy2dTa4X/9OirC/FcEKK7pFL07r60nkyLbnX1P\nOLE7TrfBbzFpBxWXTSuXFi4Y002dvxKfxsgruxD3JVsdwBh4jZS6IkyUJHmopwID\nAQABo0UwQzAdBgNVHQ4EFgQUAveECjwgwk+MHozpCpMauW1TftkwEgYDVR0TAQH/\nBAgwBgEB/wIBATAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQADgYEAxRxv\n4NadAtvJx7xBGBcR9C3NEz9WR84bpfHP720ZpgR8WRPXxjQZz/clwADi6PpE1/7B\nqybde5hE38XnbGOhzIDyIXd8Hfztaaj7vxR5DiEOAY3jE5Ix98WQ0ZrbYTSu4o1b\ncSPdPt3JWFygdtur9ikw9FRFPNhcH195X5LGJas=\n-----END CERTIFICATE-----\n-----BEGIN CERTIFICATE-----\nMIICNTCCAZ4CCQC+2uIuN+erCTANBgkqhkiG9w0BAQsFADBfMQswCQYDVQQGEwJV\nUzELMAkGA1UECAwCTUExEjAQBgNVBAcMCUNhbWJyaWRnZTEPMA0GA1UECgwGQWth\nbWFpMR4wHAYDVQQDDBVzb21lLXJvb3QuZXhhbXBsZS5jb20wHhcNMTkwMzA4MTkw\nMzE4WhcNNDYwNzIzMTkwMzE4WjBfMQswCQYDVQQGEwJVUzELMAkGA1UECAwCTUEx\nEjAQBgNVBAcMCUNhbWJyaWRnZTEPMA0GA1UECgwGQWthbWFpMR4wHAYDVQQDDBVz\nb21lLXJvb3QuZXhhbXBsZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB\nANpc8vud0MhTRDBB1JZGfEAuutQf/CQ8ToyDor4TBvE1pa24DvT1DEaaDUMhVPXK\naJC95re6xV2NOvCrvOjZBNH94DWCldRg93DOVPmUEVcEcB81zfdfT0iEW96C2RFf\nI1Hv0tJynmxDI5k5lK4Js6/nonJbUVHL8X63yMvmR9HNAgMBAAEwDQYJKoZIhvcN\nAQELBQADgYEABnpsP51MLW0069megs/czB3EJWeMt2ynCD6RlQPqXBlkVsengT3y\ntRnKJwD5SYjr8sW9Vq5Rp2dm7X7i9osB+CSveORw3hWbu4TmiA18qJr/SSUwo5Xf\nbsjfV2IUQtNLEExhp1nBjvJNmTP3g/NiVVWHEQafynwXlNAj1ySuUzs=\n-----END CERTIFICATE-----"
},
{
"name": "ChainN",
"certificates": "-----BEGIN CERTIFICATE-----\nMIICijCCAfOgAwIBAgIJAJHSGaH2s0osMA0GCSqGSIb3DQEBCwUAMGExCzAJBgNV\nBAYTAlVTMQswCQYDVQQIDAJNQTESMBAGA1UEBwwJQ2FtYnJpZGdlMQ8wDQYDVQQK\nDAZBa2FtYWkxIDAeBgNVBAMMF3RjbS1yb290LWNhLmV4YW1wbGUuY29tMB4XDTE5\nMDIyNDIzMzUxN1oXDTQ2MDcxMTIzMzUxN1owZjELMAkGA1UEBhMCVVMxCzAJBgNV\nBAgMAk1BMRIwEAYDVQQHDAlDYW1icmlkZ2UxDzANBgNVBAoMBkFrYW1haTElMCMG\nA1UEAwwcdGNtLWludGVybWVkaWF0ZS5leGFtcGxlLmNvbTCBnzANBgkqhkiG9w0B\nAQEFAAOBjQAwgYkCgYEAw6JPmMaZD/SOBkQ+PISBF+o+gQ0/zz6ei7GCfgN3k7db\nAm6GsqxG7yKJfQYhHMTQQsUNgNzYNSFRdJNyHM8Edjr3sCGIei571HNu3Yik95T3\nPJpInaY24yfye+v9ln2hKu/53r5G3xdsSm/ZyI1wK7nRj6bzbwnGlXEfMKmhcg8C\nAwEAAaNFMEMwHQYDVR0OBBYEFHu2jZE6TpHcoQwZaSNmj/VJ+p8TMBIGA1UdEwEB\n/wQIMAYBAf8CAQEwDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4GBABR8\nZ1blA+Vx32a39OhOX+Ul/PC8fX4Z0El7tiOGAA2xCoHK7cZqd+QkdKV9ju3Z2ah0\nSCHOPqBT7tZaXPrtx7sxtlb0U6IJdklb78BjeK1KlM5x4jfnAaAvouaGX2SU9fp2\na1P/IsuOD6zHBddTysuX8W3YEycdT7JzhCWpROKF\n-----END CERTIFICATE-----\n-----BEGIN CERTIFICATE-----\nMIICOTCCAaICCQDPV5YuumF6sDANBgkqhkiG9w0BAQsFADBhMQswCQYDVQQGEwJV\nUzELMAkGA1UECAwCTUExEjAQBgNVBAcMCUNhbWJyaWRnZTEPMA0GA1UECgwGQWth\nbWFpMSAwHgYDVQQDDBd0Y20tcm9vdC1jYS5leGFtcGxlLmNvbTAeFw0xOTAyMjQy\nMzM0MjJaFw00NjA3MTEyMzM0MjJaMGExCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJN\nQTESMBAGA1UEBwwJQ2FtYnJpZGdlMQ8wDQYDVQQKDAZBa2FtYWkxIDAeBgNVBAMM\nF3RjbS1yb290LWNhLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB\niQKBgQDXFPDgDFXXcS7Pa6G02VP6OGL3YYGBJm2AqtkB0MeLWOk3RsBIPcEgY1eq\n+32n8fObXUr0UX22sjyv/PkMkYWIru01dE9pc2KCDNYF7Gea8kM9C0VQx0gog5SL\nesYHABEox+t0ZVhVvOfUIlqK6GN7eEiN6PTgKhpEVnoowne81QIDAQABMA0GCSqGvSIb3DQEBCwUAA4GBALK8Hko9UU62XYX1IdJ2EA/XRWHPin2OXurEPRDv0X4q9oc9\nBMvDR36pXMMEFd9pRp7MQnGq266qecNWBkmcSY9k/ct8GtG6t4k+lBQvQPBERs7I\niiCDgIa53ofoJSi2rN9+HuluSwFLIObt2pKhrgfy6UV9VasTyxcLw8wD4z8u\n-----END CERTIFICATE-----"
}
]
}
Status 202
application/json
Object type: SetRef
Download schema: set-ref.json
Response body:
{
"accountId": "A-1234BD",
"set": "/trust-chain-manager-api/v1/sets/10000",
"name": "Set1"
}
Get the latest version of the CA set
By default, gets the latest version of the CA set.
GET /trust-chain-manager/
Sample: /trust-chain-manager/
| Parameter | Type | Sample | Description |
|---|---|---|---|
| URL path parameters | |||
setId |
Integer | 100 |
A unique identifier for each set. |
Status 200
application/json
Object type: SetFullData
Download schema: set-full-data.json
Response body:
{
"id": 123456,
"version": 75361,
"name": "Set1",
"hasAcknowledgedNoRootCertificate": true,
"requireRootCertificate": false,
"deployment": {
"staging": true,
"production": true
},
"chains": [
{
"name": "Chain1",
"certificates": "-----BEGIN CERTIFICATE-----\nMIICiTCCAfKgAwIBAgIJAJHSGaH2s0otMA0GCSqGSIb3DQEBCwUAMF8xCzAJBgNV\nBAYTAlVTMQswCQYDVQQIDAJNQTESMBAGA1UEBwwJQ2FtYnJpZGdlMQ8wDQYDVQQK\nDAZBa2FtYWkxHjAcBgNVBAMMFXNvbWUtcm9vdC5leGFtcGxlLmNvbTAeFw0xOTAz\nMDgxOTA3MDhaFw00NjA3MjMxOTA3MDhaMGcxCzAJBgNVBAYTAlVTMQswCQYDVQQI\nDAJNQTESMBAGA1UEBwwJQ2FtYnJpZGdlMQ8wDQYDVQQKDAZBa2FtYWkxJjAkBgNV\nBAMMHXNvbWUtaW50ZXJtZWRpYXRlLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEB\nAQUAA4GNADCBiQKBgQCzuzTQHsW8HHB6cHv7jT/4cETl53jHB1QOK7aVdVO/cK5i\nv8YFB/O2zcXfHbObJTMDp5T33tiy2dTa4X/9OirC/FcEKK7pFL07r60nkyLbnX1P\nOLE7TrfBbzFpBxWXTSuXFi4Y002dvxKfxsgruxD3JVsdwBh4jZS6IkyUJHmopwID\nAQABo0UwQzAdBgNVHQ4EFgQUAveECjwgwk+MHozpCpMauW1TftkwEgYDVR0TAQH/\nBAgwBgEB/wIBATAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQADgYEAxRxv\n4NadAtvJx7xBGBcR9C3NEz9WR84bpfHP720ZpgR8WRPXxjQZz/clwADi6PpE1/7B\nqybde5hE38XnbGOhzIDyIXd8Hfztaaj7vxR5DiEOAY3jE5Ix98WQ0ZrbYTSu4o1b\ncSPdPt3JWFygdtur9ikw9FRFPNhcH195X5LGJas=\n-----END CERTIFICATE-----\n-----BEGIN CERTIFICATE-----\nMIICNTCCAZ4CCQC+2uIuN+erCTANBgkqhkiG9w0BAQsFADBfMQswCQYDVQQGEwJV\nUzELMAkGA1UECAwCTUExEjAQBgNVBAcMCUNhbWJyaWRnZTEPMA0GA1UECgwGQWth\nbWFpMR4wHAYDVQQDDBVzb21lLXJvb3QuZXhhbXBsZS5jb20wHhcNMTkwMzA4MTkw\nMzE4WhcNNDYwNzIzMTkwMzE4WjBfMQswCQYDVQQGEwJVUzELMAkGA1UECAwCTUEx\nEjAQBgNVBAcMCUNhbWJyaWRnZTEPMA0GA1UECgwGQWthbWFpMR4wHAYDVQQDDBVz\nb21lLXJvb3QuZXhhbXBsZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB\nANpc8vud0MhTRDBB1JZGfEAuutQf/CQ8ToyDor4TBvE1pa24DvT1DEaaDUMhVPXK\naJC95re6xV2NOvCrvOjZBNH94DWCldRg93DOVPmUEVcEcB81zfdfT0iEW96C2RFf\nI1Hv0tJynmxDI5k5lK4Js6/nonJbUVHL8X63yMvmR9HNAgMBAAEwDQYJKoZIhvcN\nAQELBQADgYEABnpsP51MLW0069megs/czB3EJWeMt2ynCD6RlQPqXBlkVsengT3y\ntRnKJwD5SYjr8sW9Vq5Rp2dm7X7i9osB+CSveORw3hWbu4TmiA18qJr/SSUwo5Xf\nbsjfV2IUQtNLEExhp1nBjvJNmTP3g/NiVVWHEQafynwXlNAj1ySuUzs=\n-----END CERTIFICATE-----"
},
{
"name": "ChainN",
"certificates": "-----BEGIN CERTIFICATE-----\nMIICijCCAfOgAwIBAgIJAJHSGaH2s0osMA0GCSqGSIb3DQEBCwUAMGExCzAJBgNV\nBAYTAlVTMQswCQYDVQQIDAJNQTESMBAGA1UEBwwJQ2FtYnJpZGdlMQ8wDQYDVQQK\nDAZBa2FtYWkxIDAeBgNVBAMMF3RjbS1yb290LWNhLmV4YW1wbGUuY29tMB4XDTE5\nMDIyNDIzMzUxN1oXDTQ2MDcxMTIzMzUxN1owZjELMAkGA1UEBhMCVVMxCzAJBgNV\nBAgMAk1BMRIwEAYDVQQHDAlDYW1icmlkZ2UxDzANBgNVBAoMBkFrYW1haTElMCMG\nA1UEAwwcdGNtLWludGVybWVkaWF0ZS5leGFtcGxlLmNvbTCBnzANBgkqhkiG9w0B\nAQEFAAOBjQAwgYkCgYEAw6JPmMaZD/SOBkQ+PISBF+o+gQ0/zz6ei7GCfgN3k7db\nAm6GsqxG7yKJfQYhHMTQQsUNgNzYNSFRdJNyHM8Edjr3sCGIei571HNu3Yik95T3\nPJpInaY24yfye+v9ln2hKu/53r5G3xdsSm/ZyI1wK7nRj6bzbwnGlXEfMKmhcg8C\nAwEAAaNFMEMwHQYDVR0OBBYEFHu2jZE6TpHcoQwZaSNmj/VJ+p8TMBIGA1UdEwEB\n/wQIMAYBAf8CAQEwDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4GBABR8\nZ1blA+Vx32a39OhOX+Ul/PC8fX4Z0El7tiOGAA2xCoHK7cZqd+QkdKV9ju3Z2ah0\nSCHOPqBT7tZaXPrtx7sxtlb0U6IJdklb78BjeK1KlM5x4jfnAaAvouaGX2SU9fp2\na1P/IsuOD6zHBddTysuX8W3YEycdT7JzhCWpROKF\n-----END CERTIFICATE-----\n-----BEGIN CERTIFICATE-----\nMIICOTCCAaICCQDPV5YuumF6sDANBgkqhkiG9w0BAQsFADBhMQswCQYDVQQGEwJV\nUzELMAkGA1UECAwCTUExEjAQBgNVBAcMCUNhbWJyaWRnZTEPMA0GA1UECgwGQWth\nbWFpMSAwHgYDVQQDDBd0Y20tcm9vdC1jYS5leGFtcGxlLmNvbTAeFw0xOTAyMjQy\nMzM0MjJaFw00NjA3MTEyMzM0MjJaMGExCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJN\nQTESMBAGA1UEBwwJQ2FtYnJpZGdlMQ8wDQYDVQQKDAZBa2FtYWkxIDAeBgNVBAMM\nF3RjbS1yb290LWNhLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB\niQKBgQDXFPDgDFXXcS7Pa6G02VP6OGL3YYGBJm2AqtkB0MeLWOk3RsBIPcEgY1eq\n+32n8fObXUr0UX22sjyv/PkMkYWIru01dE9pc2KCDNYF7Gea8kM9C0VQx0gog5SL\nesYHABEox+t0ZVhVvOfUIlqK6GN7eEiN6PTgKhpEVnoowne81QIDAQABMA0GCSqGvSIb3DQEBCwUAA4GBALK8Hko9UU62XYX1IdJ2EA/XRWHPin2OXurEPRDv0X4q9oc9\nBMvDR36pXMMEFd9pRp7MQnGq266qecNWBkmcSY9k/ct8GtG6t4k+lBQvQPBERs7I\niiCDgIa53ofoJSi2rN9+HuluSwFLIObt2pKhrgfy6UV9VasTyxcLw8wD4z8u\n-----END CERTIFICATE-----"
}
]
}
Update a CA set
Updates an existing CA set with the supplied SetFullData object. This creates a new version of the CA set and deploys it to the networks specified in the object. Note that if both Staging and Production fields are set to NULL, the CA set undergoes validation. This returns validation results to the caller, but does not create or deploy a new version.
See Certificate chain best practice for guidance on certificate validation.
PUT /trust-chain-manager/
Sample: /trust-chain-manager/
Content-Type: application/json
Object type: SetFullData
Download schema: set-full-data.json
Request body:
{
"id": 123456,
"version": 75361,
"name": "Set1",
"requireRootCertificate": false,
"deployment": {
"staging": true,
"production": true
},
"chains": [
{
"name": "Chain1",
"certificates": "-----BEGIN CERTIFICATE-----\nMIICiTCCAfKgAwIBAgIJAJHSGaH2s0otMA0GCSqGSIb3DQEBCwUAMF8xCzAJBgNV\nBAYTAlVTMQswCQYDVQQIDAJNQTESMBAGA1UEBwwJQ2FtYnJpZGdlMQ8wDQYDVQQK\nDAZBa2FtYWkxHjAcBgNVBAMMFXNvbWUtcm9vdC5leGFtcGxlLmNvbTAeFw0xOTAz\nMDgxOTA3MDhaFw00NjA3MjMxOTA3MDhaMGcxCzAJBgNVBAYTAlVTMQswCQYDVQQI\nDAJNQTESMBAGA1UEBwwJQ2FtYnJpZGdlMQ8wDQYDVQQKDAZBa2FtYWkxJjAkBgNV\nBAMMHXNvbWUtaW50ZXJtZWRpYXRlLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEB\nAQUAA4GNADCBiQKBgQCzuzTQHsW8HHB6cHv7jT/4cETl53jHB1QOK7aVdVO/cK5i\nv8YFB/O2zcXfHbObJTMDp5T33tiy2dTa4X/9OirC/FcEKK7pFL07r60nkyLbnX1P\nOLE7TrfBbzFpBxWXTSuXFi4Y002dvxKfxsgruxD3JVsdwBh4jZS6IkyUJHmopwID\nAQABo0UwQzAdBgNVHQ4EFgQUAveECjwgwk+MHozpCpMauW1TftkwEgYDVR0TAQH/\nBAgwBgEB/wIBATAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQADgYEAxRxv\n4NadAtvJx7xBGBcR9C3NEz9WR84bpfHP720ZpgR8WRPXxjQZz/clwADi6PpE1/7B\nqybde5hE38XnbGOhzIDyIXd8Hfztaaj7vxR5DiEOAY3jE5Ix98WQ0ZrbYTSu4o1b\ncSPdPt3JWFygdtur9ikw9FRFPNhcH195X5LGJas=\n-----END CERTIFICATE-----\n-----BEGIN CERTIFICATE-----\nMIICNTCCAZ4CCQC+2uIuN+erCTANBgkqhkiG9w0BAQsFADBfMQswCQYDVQQGEwJV\nUzELMAkGA1UECAwCTUExEjAQBgNVBAcMCUNhbWJyaWRnZTEPMA0GA1UECgwGQWth\nbWFpMR4wHAYDVQQDDBVzb21lLXJvb3QuZXhhbXBsZS5jb20wHhcNMTkwMzA4MTkw\nMzE4WhcNNDYwNzIzMTkwMzE4WjBfMQswCQYDVQQGEwJVUzELMAkGA1UECAwCTUEx\nEjAQBgNVBAcMCUNhbWJyaWRnZTEPMA0GA1UECgwGQWthbWFpMR4wHAYDVQQDDBVz\nb21lLXJvb3QuZXhhbXBsZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB\nANpc8vud0MhTRDBB1JZGfEAuutQf/CQ8ToyDor4TBvE1pa24DvT1DEaaDUMhVPXK\naJC95re6xV2NOvCrvOjZBNH94DWCldRg93DOVPmUEVcEcB81zfdfT0iEW96C2RFf\nI1Hv0tJynmxDI5k5lK4Js6/nonJbUVHL8X63yMvmR9HNAgMBAAEwDQYJKoZIhvcN\nAQELBQADgYEABnpsP51MLW0069megs/czB3EJWeMt2ynCD6RlQPqXBlkVsengT3y\ntRnKJwD5SYjr8sW9Vq5Rp2dm7X7i9osB+CSveORw3hWbu4TmiA18qJr/SSUwo5Xf\nbsjfV2IUQtNLEExhp1nBjvJNmTP3g/NiVVWHEQafynwXlNAj1ySuUzs=\n-----END CERTIFICATE-----"
},
{
"name": "ChainN",
"certificates": "-----BEGIN CERTIFICATE-----\nMIICijCCAfOgAwIBAgIJAJHSGaH2s0osMA0GCSqGSIb3DQEBCwUAMGExCzAJBgNV\nBAYTAlVTMQswCQYDVQQIDAJNQTESMBAGA1UEBwwJQ2FtYnJpZGdlMQ8wDQYDVQQK\nDAZBa2FtYWkxIDAeBgNVBAMMF3RjbS1yb290LWNhLmV4YW1wbGUuY29tMB4XDTE5\nMDIyNDIzMzUxN1oXDTQ2MDcxMTIzMzUxN1owZjELMAkGA1UEBhMCVVMxCzAJBgNV\nBAgMAk1BMRIwEAYDVQQHDAlDYW1icmlkZ2UxDzANBgNVBAoMBkFrYW1haTElMCMG\nA1UEAwwcdGNtLWludGVybWVkaWF0ZS5leGFtcGxlLmNvbTCBnzANBgkqhkiG9w0B\nAQEFAAOBjQAwgYkCgYEAw6JPmMaZD/SOBkQ+PISBF+o+gQ0/zz6ei7GCfgN3k7db\nAm6GsqxG7yKJfQYhHMTQQsUNgNzYNSFRdJNyHM8Edjr3sCGIei571HNu3Yik95T3\nPJpInaY24yfye+v9ln2hKu/53r5G3xdsSm/ZyI1wK7nRj6bzbwnGlXEfMKmhcg8C\nAwEAAaNFMEMwHQYDVR0OBBYEFHu2jZE6TpHcoQwZaSNmj/VJ+p8TMBIGA1UdEwEB\n/wQIMAYBAf8CAQEwDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4GBABR8\nZ1blA+Vx32a39OhOX+Ul/PC8fX4Z0El7tiOGAA2xCoHK7cZqd+QkdKV9ju3Z2ah0\nSCHOPqBT7tZaXPrtx7sxtlb0U6IJdklb78BjeK1KlM5x4jfnAaAvouaGX2SU9fp2\na1P/IsuOD6zHBddTysuX8W3YEycdT7JzhCWpROKF\n-----END CERTIFICATE-----\n-----BEGIN CERTIFICATE-----\nMIICOTCCAaICCQDPV5YuumF6sDANBgkqhkiG9w0BAQsFADBhMQswCQYDVQQGEwJV\nUzELMAkGA1UECAwCTUExEjAQBgNVBAcMCUNhbWJyaWRnZTEPMA0GA1UECgwGQWth\nbWFpMSAwHgYDVQQDDBd0Y20tcm9vdC1jYS5leGFtcGxlLmNvbTAeFw0xOTAyMjQy\nMzM0MjJaFw00NjA3MTEyMzM0MjJaMGExCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJN\nQTESMBAGA1UEBwwJQ2FtYnJpZGdlMQ8wDQYDVQQKDAZBa2FtYWkxIDAeBgNVBAMM\nF3RjbS1yb290LWNhLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB\niQKBgQDXFPDgDFXXcS7Pa6G02VP6OGL3YYGBJm2AqtkB0MeLWOk3RsBIPcEgY1eq\n+32n8fObXUr0UX22sjyv/PkMkYWIru01dE9pc2KCDNYF7Gea8kM9C0VQx0gog5SL\nesYHABEox+t0ZVhVvOfUIlqK6GN7eEiN6PTgKhpEVnoowne81QIDAQABMA0GCSqGvSIb3DQEBCwUAA4GBALK8Hko9UU62XYX1IdJ2EA/XRWHPin2OXurEPRDv0X4q9oc9\nBMvDR36pXMMEFd9pRp7MQnGq266qecNWBkmcSY9k/ct8GtG6t4k+lBQvQPBERs7I\niiCDgIa53ofoJSi2rN9+HuluSwFLIObt2pKhrgfy6UV9VasTyxcLw8wD4z8u\n-----END CERTIFICATE-----"
}
]
}
| Parameter | Type | Sample | Description |
|---|---|---|---|
| URL path parameters | |||
setId |
Integer | 100 |
A unique identifier for each set. |
Status 202
application/json
Object type: SetRef
Download schema: set-ref.json
Response body:
{
"accountId": "A-1234BD",
"set": "/trust-chain-manager-api/v1/sets/10000",
"name": "Set1"
}
Delete a CA set
Removes a CA set from the account. This operation succeeds only if the set is not used by any slot.
DELETE /trust-chain-manager/
Sample: /trust-chain-manager/
| Parameter | Type | Sample | Description |
|---|---|---|---|
| URL path parameters | |||
setId |
Integer | 100 |
A unique identifier for each set. |
Status 204
Get IDs of all active versions of a CA set
Active versions of a set are the versions currently deployed, or in the process of deployment to the network. A failed version is included if it is the latest version of the set deployed to the network. Version ID and a minimal collection of accompanying metadata items is listed for each version.
GET /trust-chain-manager/
Sample: /trust-chain-manager/
| Parameter | Type | Sample | Description |
|---|---|---|---|
| URL path parameters | |||
setId |
Integer | 100 |
A unique identifier for each set. |
Status 200
application/json
Download schema: versions.json
Response body:
{
"id": 76927,
"name": "PartnerB2B",
"hasAcknowledgedNoRootCertificate": true,
"versions": [
{
"version": 77152,
"requireRootCertificate": true,
"deployment": {
"staging": "DEPLOYED",
"production": "DEPLOYING"
},
"lastModifiedBy": "jmarczew",
"timestamp": "2020-04-21T19:31:11.808"
},
{
"version": 78453,
"requireRootCertificate": false,
"deployment": {
"staging": "DEPLOYED",
"production": "DEPLOYED"
},
"lastModifiedBy": "jmarczew",
"timestamp": "2020-06-03T10:15:08.231"
}
]
}
Get a certain version of the CA set
Gets the specified version of the CA set.
GET /trust-chain-manager/
Sample: /trust-chain-manager/
| Parameter | Type | Sample | Description |
|---|---|---|---|
| URL path parameters | |||
setId |
Integer | 100 |
A unique identifier for each set. |
version |
Integer | 75361 |
A version number. |
Status 200
application/json
Object type: SetFullData
Download schema: set-full-data.json
Response body:
{
"id": 123456,
"version": 75361,
"name": "Set1",
"hasAcknowledgedNoRootCertificate": true,
"requireRootCertificate": false,
"deployment": {
"staging": true,
"production": true
},
"chains": [
{
"name": "Chain1",
"certificates": "-----BEGIN CERTIFICATE-----\nMIICiTCCAfKgAwIBAgIJAJHSGaH2s0otMA0GCSqGSIb3DQEBCwUAMF8xCzAJBgNV\nBAYTAlVTMQswCQYDVQQIDAJNQTESMBAGA1UEBwwJQ2FtYnJpZGdlMQ8wDQYDVQQK\nDAZBa2FtYWkxHjAcBgNVBAMMFXNvbWUtcm9vdC5leGFtcGxlLmNvbTAeFw0xOTAz\nMDgxOTA3MDhaFw00NjA3MjMxOTA3MDhaMGcxCzAJBgNVBAYTAlVTMQswCQYDVQQI\nDAJNQTESMBAGA1UEBwwJQ2FtYnJpZGdlMQ8wDQYDVQQKDAZBa2FtYWkxJjAkBgNV\nBAMMHXNvbWUtaW50ZXJtZWRpYXRlLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEB\nAQUAA4GNADCBiQKBgQCzuzTQHsW8HHB6cHv7jT/4cETl53jHB1QOK7aVdVO/cK5i\nv8YFB/O2zcXfHbObJTMDp5T33tiy2dTa4X/9OirC/FcEKK7pFL07r60nkyLbnX1P\nOLE7TrfBbzFpBxWXTSuXFi4Y002dvxKfxsgruxD3JVsdwBh4jZS6IkyUJHmopwID\nAQABo0UwQzAdBgNVHQ4EFgQUAveECjwgwk+MHozpCpMauW1TftkwEgYDVR0TAQH/\nBAgwBgEB/wIBATAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQADgYEAxRxv\n4NadAtvJx7xBGBcR9C3NEz9WR84bpfHP720ZpgR8WRPXxjQZz/clwADi6PpE1/7B\nqybde5hE38XnbGOhzIDyIXd8Hfztaaj7vxR5DiEOAY3jE5Ix98WQ0ZrbYTSu4o1b\ncSPdPt3JWFygdtur9ikw9FRFPNhcH195X5LGJas=\n-----END CERTIFICATE-----\n-----BEGIN CERTIFICATE-----\nMIICNTCCAZ4CCQC+2uIuN+erCTANBgkqhkiG9w0BAQsFADBfMQswCQYDVQQGEwJV\nUzELMAkGA1UECAwCTUExEjAQBgNVBAcMCUNhbWJyaWRnZTEPMA0GA1UECgwGQWth\nbWFpMR4wHAYDVQQDDBVzb21lLXJvb3QuZXhhbXBsZS5jb20wHhcNMTkwMzA4MTkw\nMzE4WhcNNDYwNzIzMTkwMzE4WjBfMQswCQYDVQQGEwJVUzELMAkGA1UECAwCTUEx\nEjAQBgNVBAcMCUNhbWJyaWRnZTEPMA0GA1UECgwGQWthbWFpMR4wHAYDVQQDDBVz\nb21lLXJvb3QuZXhhbXBsZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB\nANpc8vud0MhTRDBB1JZGfEAuutQf/CQ8ToyDor4TBvE1pa24DvT1DEaaDUMhVPXK\naJC95re6xV2NOvCrvOjZBNH94DWCldRg93DOVPmUEVcEcB81zfdfT0iEW96C2RFf\nI1Hv0tJynmxDI5k5lK4Js6/nonJbUVHL8X63yMvmR9HNAgMBAAEwDQYJKoZIhvcN\nAQELBQADgYEABnpsP51MLW0069megs/czB3EJWeMt2ynCD6RlQPqXBlkVsengT3y\ntRnKJwD5SYjr8sW9Vq5Rp2dm7X7i9osB+CSveORw3hWbu4TmiA18qJr/SSUwo5Xf\nbsjfV2IUQtNLEExhp1nBjvJNmTP3g/NiVVWHEQafynwXlNAj1ySuUzs=\n-----END CERTIFICATE-----"
},
{
"name": "ChainN",
"certificates": "-----BEGIN CERTIFICATE-----\nMIICijCCAfOgAwIBAgIJAJHSGaH2s0osMA0GCSqGSIb3DQEBCwUAMGExCzAJBgNV\nBAYTAlVTMQswCQYDVQQIDAJNQTESMBAGA1UEBwwJQ2FtYnJpZGdlMQ8wDQYDVQQK\nDAZBa2FtYWkxIDAeBgNVBAMMF3RjbS1yb290LWNhLmV4YW1wbGUuY29tMB4XDTE5\nMDIyNDIzMzUxN1oXDTQ2MDcxMTIzMzUxN1owZjELMAkGA1UEBhMCVVMxCzAJBgNV\nBAgMAk1BMRIwEAYDVQQHDAlDYW1icmlkZ2UxDzANBgNVBAoMBkFrYW1haTElMCMG\nA1UEAwwcdGNtLWludGVybWVkaWF0ZS5leGFtcGxlLmNvbTCBnzANBgkqhkiG9w0B\nAQEFAAOBjQAwgYkCgYEAw6JPmMaZD/SOBkQ+PISBF+o+gQ0/zz6ei7GCfgN3k7db\nAm6GsqxG7yKJfQYhHMTQQsUNgNzYNSFRdJNyHM8Edjr3sCGIei571HNu3Yik95T3\nPJpInaY24yfye+v9ln2hKu/53r5G3xdsSm/ZyI1wK7nRj6bzbwnGlXEfMKmhcg8C\nAwEAAaNFMEMwHQYDVR0OBBYEFHu2jZE6TpHcoQwZaSNmj/VJ+p8TMBIGA1UdEwEB\n/wQIMAYBAf8CAQEwDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4GBABR8\nZ1blA+Vx32a39OhOX+Ul/PC8fX4Z0El7tiOGAA2xCoHK7cZqd+QkdKV9ju3Z2ah0\nSCHOPqBT7tZaXPrtx7sxtlb0U6IJdklb78BjeK1KlM5x4jfnAaAvouaGX2SU9fp2\na1P/IsuOD6zHBddTysuX8W3YEycdT7JzhCWpROKF\n-----END CERTIFICATE-----\n-----BEGIN CERTIFICATE-----\nMIICOTCCAaICCQDPV5YuumF6sDANBgkqhkiG9w0BAQsFADBhMQswCQYDVQQGEwJV\nUzELMAkGA1UECAwCTUExEjAQBgNVBAcMCUNhbWJyaWRnZTEPMA0GA1UECgwGQWth\nbWFpMSAwHgYDVQQDDBd0Y20tcm9vdC1jYS5leGFtcGxlLmNvbTAeFw0xOTAyMjQy\nMzM0MjJaFw00NjA3MTEyMzM0MjJaMGExCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJN\nQTESMBAGA1UEBwwJQ2FtYnJpZGdlMQ8wDQYDVQQKDAZBa2FtYWkxIDAeBgNVBAMM\nF3RjbS1yb290LWNhLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB\niQKBgQDXFPDgDFXXcS7Pa6G02VP6OGL3YYGBJm2AqtkB0MeLWOk3RsBIPcEgY1eq\n+32n8fObXUr0UX22sjyv/PkMkYWIru01dE9pc2KCDNYF7Gea8kM9C0VQx0gog5SL\nesYHABEox+t0ZVhVvOfUIlqK6GN7eEiN6PTgKhpEVnoowne81QIDAQABMA0GCSqGvSIb3DQEBCwUAA4GBALK8Hko9UU62XYX1IdJ2EA/XRWHPin2OXurEPRDv0X4q9oc9\nBMvDR36pXMMEFd9pRp7MQnGq266qecNWBkmcSY9k/ct8GtG6t4k+lBQvQPBERs7I\niiCDgIa53ofoJSi2rN9+HuluSwFLIObt2pKhrgfy6UV9VasTyxcLw8wD4z8u\n-----END CERTIFICATE-----"
}
]
}
Get the latest version of the CA set with certificates listed individually
By default, gets the latest version of the CA set with certificates listed individually.
GET /trust-chain-manager/
Sample: /trust-chain-manager/
| Parameter | Type | Sample | Description |
|---|---|---|---|
| URL path parameters | |||
setId |
Integer | 100 |
A unique identifier for each set. |
Status 200
application/json
Download schema: set-certificates.json
Response body:
{
"id": 75469,
"name": "devqaSetId276",
"version": 75221,
"hasAcknowledgedNoRootCertificate": true,
"requireRootCertificate": false,
"chains": [
{
"name": "chain2",
"certificates": [
{
"subject": "C=US,ST=MA,L=Cambridge,O=Akamai,CN=intermediate.tcm-11-example.com",
"issuer": "C=US,ST=MA,L=Cambridge,O=Akamai,CN=tcm-13-example.com",
"expiryDate": "2020-04-07T17:33:39",
"startDate": "2019-04-08T17:33:39",
"certificate": "-----BEGIN CERTIFICATE-----\nMIIDDzCCAnKgAwIBAgIJAJHSGaH2s0pCMAoGCCqGSM49BAMCMFwxCzAJBgNVBAYT\nAlVTMQswCQYDVQQIDAJNQTESMBAGA1UEBwwJQ2FtYnJpZGdlMQ8wDQYDVQQKDAZB\na2FtYWkxGzAZBgNVBAMMEnRjbS0xMy1leGFtcGxlLmNvbTAeFw0xOTA0MDgxNzMz\nMzlaFw0yMDA0MDcxNzMzMzlaMGkxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJNQTES\nMBAGA1UEBwwJQ2FtYnJpZGdlMQ8wDQYDVQQKDAZBa2FtYWkxKDAmBgNVBAMMH2lu\ndGVybWVkaWF0ZS50Y20tMTEtZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUA\nA4IBDwAwggEKAoIBAQDaotqwVMcQUoje6z353HxTItlOSiKVP4kDv+OuSGz2K8eX\nl2Wv2oRVCqSZ5oYuVooA+2JtviVnjsAidx6VK4+qc6BUmqSF2FEWbBhSm2hi6Pzt\nFp+heVBEdJUKtxHehtI5n1xw8Id5ziQLi5ywKAR5CQLjRScFGIWkj0zMJXUYwjJl\nNkVpJiD4PO1cFqGIIa/VyqlNCNwH3dfZEwBlhmRG1cDBEoOLb/F7159pMNIe/3aB\nlNyehMfLj7vSesFmYCw24nrAwW2gL+gx+uwMJaU3Hzk+yhzcVeOIiw4Gsm/elJzN\nVwJRUxoVSigcYi2Z8BcHWk+HDOZxnO9x0lVeyLZdAgMBAAGjRTBDMB0GA1UdDgQW\nBBR8j0E4g1vIdtpawhc7ZJ72v9qebDASBgNVHRMBAf8ECDAGAQH/AgEBMA4GA1Ud\nDwEB/wQEAwIBhjAKBggqhkjOPQQDAgOBigAwgYYCQSp2p1MrZIwGadKK4NrEI0o9\n49g3ISzZ5APw/XqMwen8s6rOlnJJhUN+7zzdp/gIvdPVlMDQBAqb447mPTVn250r\nAkEGJfMps1E9XmWilKXtcZzorYMeO1wCCiEfibYtgVUKoItZqs144K77DfovjUD8\nwvbndItQEOm8sx+MLzQ1aWrduw==\n-----END CERTIFICATE-----",
"id": 75754
},
{
"subject": "C=US,ST=MA,L=Cambridge,O=Akamai,CN=intermediate1.tcm-11-example.com",
"issuer": "C=US,ST=MA,L=Cambridge,O=Akamai,CN=intermediate.tcm-11-example.com",
"expiryDate": "2020-04-07T17:43:58",
"startDate": "2019-04-08T17:43:58",
"certificate": "-----BEGIN CERTIFICATE-----\nMIIDmzCCAoOgAwIBAgIJAJHSGaH2s0pDMA0GCSqGSIb3DQEBCwUAMGkxCzAJBgNV\nBAYTAlVTMQswCQYDVQQIDAJNQTESMBAGA1UEBwwJQ2FtYnJpZGdlMQ8wDQYDVQQK\nDAZBa2FtYWkxKDAmBgNVBAMMH2ludGVybWVkaWF0ZS50Y20tMTEtZXhhbXBsZS5j\nb20wHhcNMTkwNDA4MTc0MzU4WhcNMjAwNDA3MTc0MzU4WjBqMQswCQYDVQQGEwJV\nUzELMAkGA1UECAwCTUExEjAQBgNVBAcMCUNhbWJyaWRnZTEPMA0GA1UECgwGQWth\nbWFpMSkwJwYDVQQDDCBpbnRlcm1lZGlhdGUxLnRjbS0xMS1leGFtcGxlLmNvbTCC\nASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALgwBUMjpHQcU3gnZBlPaT7y\nFAlwVjP/tjpxrnc9o92HJdta6yukQuPJ+FjY1AYvCaf5bF8KHpo08Vz2X43tQhMu\nHMBRMUTb6HxYitQbiTijVw0gClSMmvBV4wk8osh81L9aNH/6OljSzWce99UnBefn\nfDZlfg1Y4lFK/zGyFhLcils5lVVd5JfNuwn+54cWdqoTcuaMHvz5i5/cASEI1w8T\nUicdMHUv+32cVcppfhncGxIPqIrdnsWotRrgr7RkYs/ubp8Gm81j6dYNAMJ0YYxG\nn6ppv23poXapuiUjEQc7o8xDtoyI7WnsWrxzd/bm2fXde5krum4CL9X/ugBYV/EC\nAwEAAaNFMEMwHQYDVR0OBBYEFPGRnc9xmEaNZlKWVX+WY+NUHVVDMBIGA1UdEwEB\n/wQIMAYBAf8CAQEwDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4IBAQDW\nsZV2VOIO7LSjsgRZIWO8iaJ/CVaK+KqY/WhdIoXHcazX8qITnzcPgdci1pCGReDa\nYCjuvGPbHiPqN8n9g8NtbTGoVUBGFPchxK+pLgJUASa11FmOG2HQFngAz/MBjfNC\n/E7AgC3LxDJwf4Sm7jQtzmEMgONGrxQbhJhUIFuUIFrmlQclOxtoIu2aFSEoskob\nh9bDyYKCIiMGY2IFOSP7/oQEY1zkFcH/b1Im5gesNcbEjArmiEdPKlRyPeTiQ1F0\nFIOqaPoIgzwstD1k8cPvvAU9+sH/AhetU1i94U28SFg2Mt6jQM3iG63mHzjFzo14\n6e/YKx6F+MTdsUdP4AFn\n-----END CERTIFICATE-----",
"id": 75755
}
]
},
{
"name": "chain1",
"certificates": [
{
"subject": "C=US,ST=MA,L=Cambridge,O=Akamai,CN=tcm-13-example.com",
"issuer": "C=US,ST=MA,L=Cambridge,O=Akamai,CN=tcm-13-example.com",
"expiryDate": "2020-04-07T17:27:35",
"startDate": "2019-04-08T17:27:35",
"certificate": "-----BEGIN CERTIFICATE-----\nMIIECzCCA22gAwIBAgIJAOW+qN6sBoEgMAoGCCqGSM49BAMCMFwxCzAJBgNVBAYT\nAlVTMQswCQYDVQQIDAJNQTESMBAGA1UEBwwJQ2FtYnJpZGdlMQ8wDQYDVQQKDAZB\na2FtYWkxGzAZBgNVBAMMEnRjbS0xMy1leGFtcGxlLmNvbTAeFw0xOTA0MDgxNzI3\nMzVaFw0yMDA0MDcxNzI3MzVaMFwxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJNQTES\nMBAGA1UEBwwJQ2FtYnJpZGdlMQ8wDQYDVQQKDAZBa2FtYWkxGzAZBgNVBAMMEnRj\nbS0xMy1leGFtcGxlLmNvbTCCAlwwggHPBgcqhkjOPQIBMIIBwgIBATBNBgcqhkjO\nPQEBAkIB////////////////////////////////////////////////////////\n//////////////////////////////8wgZ4EQgH/////////////////////////\n/////////////////////////////////////////////////////////////ARB\nUZU+uWGOHJofkpohoLaFQO6i2nJbmbMV87i0iZGO8QnhVhk5Uex+k3sWUsC9O7G/\nBzVz34g9LDTx70Uf1GtQPwADFQDQnogAKRy4U5bMZxc5MoSqoNpkugSBhQQAxoWO\nBrcEBOnNnj7LZiOVtEKcZIE5BT+1Ifgor2BrTT26oUted+/nWSj+HcEnov+o3jNI\ns8GFakKb+X5+McLlvWYBGDkpaniaO8AEXIpftCx9G9mY9URJV5tEaBevvRcnPmYs\nl+5ymV70JkDFULkBP60HYTU8cIaicsJAiL6Udp/RZlACQgH/////////////////\n//////////////////////////pRhoeDvy+Wa3/MAUj3CaXQO7XJuImcR667b7ce\nkThkCQIBAQOBhgAEAEXztKDE0BsR1r7q/rN2qc4KyTPjjgwlk8Va8VCqA/Elz57Q\nU4Lzt/XEk6vJd2YccgqK/oDffhT7MXT10Kb1DNI/AQryxSAJNlLurHA7G5U4M4xv\nBNgy4vtJJ40Xvbv3Fd7IM42CZBsKsaroKgrfk0NbjU0im9ETgAfUtq//njMiYJo3\noxMwETAPBgNVHRMBAf8EBTADAQH/MAoGCCqGSM49BAMCA4GLADCBhwJBPQEZG2pi\nL5iHKGMzb+IKGns1iguNCWEfZT3llAk0P8xb5A1tULWOxP+dJ6ezInRF3QdGGlEN\n2qiMl1vBSTTBsa8CQgGx1vr+0WcgcIRG6F04mKC2ikS+W/9/FuDqbRRHjd2fMWYl\nquT9SnmYbuK2jpM52fmKa85KUUdL2ypPWXSbKKHpQQ==\n-----END CERTIFICATE-----",
"id": 75756
}
]
},
{
"name": "chain31",
"certificates": [
{
"subject": "C=US,ST=MA,L=Cambridge,O=Akamai,CN=tcm-5-example.com",
"issuer": "C=US,ST=MA,L=Cambridge,O=Akamai,CN=tcm-5-example.com",
"expiryDate": "2020-03-30T05:07:35",
"startDate": "2019-03-31T05:07:35",
"certificate": "-----BEGIN CERTIFICATE-----\nMIIDTDCCAjSgAwIBAgIJALVysyVJNlL0MA0GCSqGSIb3DQEBCwUAMFsxCzAJBgNV\nBAYTAlVTMQswCQYDVQQIDAJNQTESMBAGA1UEBwwJQ2FtYnJpZGdlMQ8wDQYDVQQK\nDAZBa2FtYWkxGjAYBgNVBAMMEXRjbS01LWV4YW1wbGUuY29tMB4XDTE5MDMzMTA1\nMDczNVoXDTIwMDMzMDA1MDczNVowWzELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAk1B\nMRIwEAYDVQQHDAlDYW1icmlkZ2UxDzANBgNVBAoMBkFrYW1haTEaMBgGA1UEAwwR\ndGNtLTUtZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB\nAQC7Q04nJTVIt7/ywgmk8K5WsghDaqzS4VT2dc/qedqa7qr86Bn7EJrftg6RNC8b\nNuRdJfG3CbJpxVMfMLkkFS3+6W1TC6WGJzD/54jRJ3wvAg8bhyAVeQ6xC09mG7i3\nKpZFRHRYfdAu9GRLj25Fih4mrjfEbl042euSB8XQa9ekchwfmh80tFqIJxZZFdX6\n3RbbKQ3afiW+aII/78CA0mOXcbsft53UYpQMYlcWpKSreMyBunFDHUum+b/oYpm1\nlHOE0EvoijRpBLTnGk/nrBoSYGshL7p8QaJxWQ+YBMJLQ4o8QuLQk9s5qW1u9IxJ\n5Pqr0PsSnwtX3TAyKa5YtdcdAgMBAAGjEzARMA8GA1UdEwEB/wQFMAMBAf8wDQYJ\nKoZIhvcNAQELBQADggEBAFWLGPA/Kqd9KVaY5h0IAJm0zN365VJC2i8dA87CDE1+\nESQyseRXm7uFczyJZgFVwG18iUgs8/8JJ6T7bWwRn/9iomjMvejADywk+ylgkrZI\n6nWGK+XIxQ9XT5+6cFQoXrhDM+o102173ncu6xEbfIPXgd6yY3Rk52Dy6i+vMfE8\n5BVzOmY1KCRGU/K1oo6cOtu6rch8UpBiCcBIBdCCOWVoqAYmznFVwjOaRtfiwbMa\nHB8VKsoEawUIha6nJQbVzgTh5D+gXR9lNMJxNjOeDdGJJBChtnyp69AwsCO/8N3k\naOy6P+6a4hnLUu0E95DW2rOTH1APWuGPJ+HEGwgVPiA=\n-----END CERTIFICATE-----",
"id": 75757
},
{
"subject": "C=US,ST=MA,L=Cambridge,O=Akamai,CN=intermediate.tcm-5-example.com",
"issuer": "C=US,ST=MA,L=Cambridge,O=Akamai,CN=tcm-5-example.com",
"expiryDate": "2020-03-31T03:41:07",
"startDate": "2019-04-01T03:41:07",
"certificate": "-----BEGIN CERTIFICATE-----\nMIIDBzCCAe+gAwIBAgIJAJHSGaH2s0o2MA0GCSqGSIb3DQEBCwUAMFsxCzAJBgNV\nBAYTAlVTMQswCQYDVQQIDAJNQTESMBAGA1UEBwwJQ2FtYnJpZGdlMQ8wDQYDVQQK\nDAZBa2FtYWkxGjAYBgNVBAMMEXRjbS01LWV4YW1wbGUuY29tMB4XDTE5MDQwMTAz\nNDEwN1oXDTIwMDMzMTAzNDEwN1owaDELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAk1B\nMRIwEAYDVQQHDAlDYW1icmlkZ2UxDzANBgNVBAoMBkFrYW1haTEnMCUGA1UEAwwe\naW50ZXJtZWRpYXRlLnRjbS01LWV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUA\nA4GNADCBiQKBgQDsTUmurNg0FMi0MGOcBT2DImzr+RtSNomGq/NsxhuLiQFAaCnO\niY6yIO0KrOC6NZHcHEWwvQso3OKls/c5pkFGxex4CNR7jpQ/XfoUqVir75fWYR7U\nCSrxaKTSuQyL21OcrO7SN4UCVaIvPTJyIIMh2WQAdjZmzwlujkIsp+USywIDAQAB\no0UwQzAdBgNVHQ4EFgQUln84iBJyViKO4kXJrO6y+O5oPjcwEgYDVR0TAQH/BAgw\nBgEB/wIBATAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQADggEBAIsbu2dx\nY/hpQg+g4cvihIuMpaN6y/avGm4x9TSILTP+4pcdis8QIMdnBi+2w6+Hhv80rX9w\nCulARg1qTnCf5mkR5iGnF5mEqeIe5xRop1rgmNAkC3D2SwJSLcB4zPHve9ijgk/U\nALe2ucvguaO7WNh3ykmthMLCf5aDr+XnP95F5gXxJ88zmAfx5EExp6QYNahuXgvp\nXhTCkYkhHQeZlw6M8Fx7G5XZAk/kHw4FUmWc8sOj4LtilL7zf9risyPxO3nOW+vF\nFqBS0BLtHbMws6ow2Hhn17WDYFCpF13owqFt6oX407QPhx8jyR2DHwVAPBgF7+BV\niPpNC6TdnL7PVHM=\n-----END CERTIFICATE-----",
"id": 75758
}
]
}
]
}
Get a certain version of the CA set with certificates listed individually
Gets the specified version of the CA set with certificates listed individually.
GET /trust-chain-manager/
Sample: /trust-chain-manager/
| Parameter | Type | Sample | Description |
|---|---|---|---|
| URL path parameters | |||
setId |
Integer | 100 |
A unique identifier for each set. |
version |
Integer | 75361 |
A version number. |
Status 200
application/json
Download schema: set-certificates.json
Response body:
{
"id": 75469,
"name": "devqaSetId276",
"version": 75221,
"hasAcknowledgedNoRootCertificate": true,
"requireRootCertificate": false,
"chains": [
{
"name": "chain2",
"certificates": [
{
"subject": "C=US,ST=MA,L=Cambridge,O=Akamai,CN=intermediate.tcm-11-example.com",
"issuer": "C=US,ST=MA,L=Cambridge,O=Akamai,CN=tcm-13-example.com",
"expiryDate": "2020-04-07T17:33:39",
"startDate": "2019-04-08T17:33:39",
"certificate": "-----BEGIN CERTIFICATE-----\nMIIDDzCCAnKgAwIBAgIJAJHSGaH2s0pCMAoGCCqGSM49BAMCMFwxCzAJBgNVBAYT\nAlVTMQswCQYDVQQIDAJNQTESMBAGA1UEBwwJQ2FtYnJpZGdlMQ8wDQYDVQQKDAZB\na2FtYWkxGzAZBgNVBAMMEnRjbS0xMy1leGFtcGxlLmNvbTAeFw0xOTA0MDgxNzMz\nMzlaFw0yMDA0MDcxNzMzMzlaMGkxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJNQTES\nMBAGA1UEBwwJQ2FtYnJpZGdlMQ8wDQYDVQQKDAZBa2FtYWkxKDAmBgNVBAMMH2lu\ndGVybWVkaWF0ZS50Y20tMTEtZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUA\nA4IBDwAwggEKAoIBAQDaotqwVMcQUoje6z353HxTItlOSiKVP4kDv+OuSGz2K8eX\nl2Wv2oRVCqSZ5oYuVooA+2JtviVnjsAidx6VK4+qc6BUmqSF2FEWbBhSm2hi6Pzt\nFp+heVBEdJUKtxHehtI5n1xw8Id5ziQLi5ywKAR5CQLjRScFGIWkj0zMJXUYwjJl\nNkVpJiD4PO1cFqGIIa/VyqlNCNwH3dfZEwBlhmRG1cDBEoOLb/F7159pMNIe/3aB\nlNyehMfLj7vSesFmYCw24nrAwW2gL+gx+uwMJaU3Hzk+yhzcVeOIiw4Gsm/elJzN\nVwJRUxoVSigcYi2Z8BcHWk+HDOZxnO9x0lVeyLZdAgMBAAGjRTBDMB0GA1UdDgQW\nBBR8j0E4g1vIdtpawhc7ZJ72v9qebDASBgNVHRMBAf8ECDAGAQH/AgEBMA4GA1Ud\nDwEB/wQEAwIBhjAKBggqhkjOPQQDAgOBigAwgYYCQSp2p1MrZIwGadKK4NrEI0o9\n49g3ISzZ5APw/XqMwen8s6rOlnJJhUN+7zzdp/gIvdPVlMDQBAqb447mPTVn250r\nAkEGJfMps1E9XmWilKXtcZzorYMeO1wCCiEfibYtgVUKoItZqs144K77DfovjUD8\nwvbndItQEOm8sx+MLzQ1aWrduw==\n-----END CERTIFICATE-----",
"id": 75754
},
{
"subject": "C=US,ST=MA,L=Cambridge,O=Akamai,CN=intermediate1.tcm-11-example.com",
"issuer": "C=US,ST=MA,L=Cambridge,O=Akamai,CN=intermediate.tcm-11-example.com",
"expiryDate": "2020-04-07T17:43:58",
"startDate": "2019-04-08T17:43:58",
"certificate": "-----BEGIN CERTIFICATE-----\nMIIDmzCCAoOgAwIBAgIJAJHSGaH2s0pDMA0GCSqGSIb3DQEBCwUAMGkxCzAJBgNV\nBAYTAlVTMQswCQYDVQQIDAJNQTESMBAGA1UEBwwJQ2FtYnJpZGdlMQ8wDQYDVQQK\nDAZBa2FtYWkxKDAmBgNVBAMMH2ludGVybWVkaWF0ZS50Y20tMTEtZXhhbXBsZS5j\nb20wHhcNMTkwNDA4MTc0MzU4WhcNMjAwNDA3MTc0MzU4WjBqMQswCQYDVQQGEwJV\nUzELMAkGA1UECAwCTUExEjAQBgNVBAcMCUNhbWJyaWRnZTEPMA0GA1UECgwGQWth\nbWFpMSkwJwYDVQQDDCBpbnRlcm1lZGlhdGUxLnRjbS0xMS1leGFtcGxlLmNvbTCC\nASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALgwBUMjpHQcU3gnZBlPaT7y\nFAlwVjP/tjpxrnc9o92HJdta6yukQuPJ+FjY1AYvCaf5bF8KHpo08Vz2X43tQhMu\nHMBRMUTb6HxYitQbiTijVw0gClSMmvBV4wk8osh81L9aNH/6OljSzWce99UnBefn\nfDZlfg1Y4lFK/zGyFhLcils5lVVd5JfNuwn+54cWdqoTcuaMHvz5i5/cASEI1w8T\nUicdMHUv+32cVcppfhncGxIPqIrdnsWotRrgr7RkYs/ubp8Gm81j6dYNAMJ0YYxG\nn6ppv23poXapuiUjEQc7o8xDtoyI7WnsWrxzd/bm2fXde5krum4CL9X/ugBYV/EC\nAwEAAaNFMEMwHQYDVR0OBBYEFPGRnc9xmEaNZlKWVX+WY+NUHVVDMBIGA1UdEwEB\n/wQIMAYBAf8CAQEwDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4IBAQDW\nsZV2VOIO7LSjsgRZIWO8iaJ/CVaK+KqY/WhdIoXHcazX8qITnzcPgdci1pCGReDa\nYCjuvGPbHiPqN8n9g8NtbTGoVUBGFPchxK+pLgJUASa11FmOG2HQFngAz/MBjfNC\n/E7AgC3LxDJwf4Sm7jQtzmEMgONGrxQbhJhUIFuUIFrmlQclOxtoIu2aFSEoskob\nh9bDyYKCIiMGY2IFOSP7/oQEY1zkFcH/b1Im5gesNcbEjArmiEdPKlRyPeTiQ1F0\nFIOqaPoIgzwstD1k8cPvvAU9+sH/AhetU1i94U28SFg2Mt6jQM3iG63mHzjFzo14\n6e/YKx6F+MTdsUdP4AFn\n-----END CERTIFICATE-----",
"id": 75755
}
]
},
{
"name": "chain1",
"certificates": [
{
"subject": "C=US,ST=MA,L=Cambridge,O=Akamai,CN=tcm-13-example.com",
"issuer": "C=US,ST=MA,L=Cambridge,O=Akamai,CN=tcm-13-example.com",
"expiryDate": "2020-04-07T17:27:35",
"startDate": "2019-04-08T17:27:35",
"certificate": "-----BEGIN CERTIFICATE-----\nMIIECzCCA22gAwIBAgIJAOW+qN6sBoEgMAoGCCqGSM49BAMCMFwxCzAJBgNVBAYT\nAlVTMQswCQYDVQQIDAJNQTESMBAGA1UEBwwJQ2FtYnJpZGdlMQ8wDQYDVQQKDAZB\na2FtYWkxGzAZBgNVBAMMEnRjbS0xMy1leGFtcGxlLmNvbTAeFw0xOTA0MDgxNzI3\nMzVaFw0yMDA0MDcxNzI3MzVaMFwxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJNQTES\nMBAGA1UEBwwJQ2FtYnJpZGdlMQ8wDQYDVQQKDAZBa2FtYWkxGzAZBgNVBAMMEnRj\nbS0xMy1leGFtcGxlLmNvbTCCAlwwggHPBgcqhkjOPQIBMIIBwgIBATBNBgcqhkjO\nPQEBAkIB////////////////////////////////////////////////////////\n//////////////////////////////8wgZ4EQgH/////////////////////////\n/////////////////////////////////////////////////////////////ARB\nUZU+uWGOHJofkpohoLaFQO6i2nJbmbMV87i0iZGO8QnhVhk5Uex+k3sWUsC9O7G/\nBzVz34g9LDTx70Uf1GtQPwADFQDQnogAKRy4U5bMZxc5MoSqoNpkugSBhQQAxoWO\nBrcEBOnNnj7LZiOVtEKcZIE5BT+1Ifgor2BrTT26oUted+/nWSj+HcEnov+o3jNI\ns8GFakKb+X5+McLlvWYBGDkpaniaO8AEXIpftCx9G9mY9URJV5tEaBevvRcnPmYs\nl+5ymV70JkDFULkBP60HYTU8cIaicsJAiL6Udp/RZlACQgH/////////////////\n//////////////////////////pRhoeDvy+Wa3/MAUj3CaXQO7XJuImcR667b7ce\nkThkCQIBAQOBhgAEAEXztKDE0BsR1r7q/rN2qc4KyTPjjgwlk8Va8VCqA/Elz57Q\nU4Lzt/XEk6vJd2YccgqK/oDffhT7MXT10Kb1DNI/AQryxSAJNlLurHA7G5U4M4xv\nBNgy4vtJJ40Xvbv3Fd7IM42CZBsKsaroKgrfk0NbjU0im9ETgAfUtq//njMiYJo3\noxMwETAPBgNVHRMBAf8EBTADAQH/MAoGCCqGSM49BAMCA4GLADCBhwJBPQEZG2pi\nL5iHKGMzb+IKGns1iguNCWEfZT3llAk0P8xb5A1tULWOxP+dJ6ezInRF3QdGGlEN\n2qiMl1vBSTTBsa8CQgGx1vr+0WcgcIRG6F04mKC2ikS+W/9/FuDqbRRHjd2fMWYl\nquT9SnmYbuK2jpM52fmKa85KUUdL2ypPWXSbKKHpQQ==\n-----END CERTIFICATE-----",
"id": 75756
}
]
},
{
"name": "chain31",
"certificates": [
{
"subject": "C=US,ST=MA,L=Cambridge,O=Akamai,CN=tcm-5-example.com",
"issuer": "C=US,ST=MA,L=Cambridge,O=Akamai,CN=tcm-5-example.com",
"expiryDate": "2020-03-30T05:07:35",
"startDate": "2019-03-31T05:07:35",
"certificate": "-----BEGIN CERTIFICATE-----\nMIIDTDCCAjSgAwIBAgIJALVysyVJNlL0MA0GCSqGSIb3DQEBCwUAMFsxCzAJBgNV\nBAYTAlVTMQswCQYDVQQIDAJNQTESMBAGA1UEBwwJQ2FtYnJpZGdlMQ8wDQYDVQQK\nDAZBa2FtYWkxGjAYBgNVBAMMEXRjbS01LWV4YW1wbGUuY29tMB4XDTE5MDMzMTA1\nMDczNVoXDTIwMDMzMDA1MDczNVowWzELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAk1B\nMRIwEAYDVQQHDAlDYW1icmlkZ2UxDzANBgNVBAoMBkFrYW1haTEaMBgGA1UEAwwR\ndGNtLTUtZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB\nAQC7Q04nJTVIt7/ywgmk8K5WsghDaqzS4VT2dc/qedqa7qr86Bn7EJrftg6RNC8b\nNuRdJfG3CbJpxVMfMLkkFS3+6W1TC6WGJzD/54jRJ3wvAg8bhyAVeQ6xC09mG7i3\nKpZFRHRYfdAu9GRLj25Fih4mrjfEbl042euSB8XQa9ekchwfmh80tFqIJxZZFdX6\n3RbbKQ3afiW+aII/78CA0mOXcbsft53UYpQMYlcWpKSreMyBunFDHUum+b/oYpm1\nlHOE0EvoijRpBLTnGk/nrBoSYGshL7p8QaJxWQ+YBMJLQ4o8QuLQk9s5qW1u9IxJ\n5Pqr0PsSnwtX3TAyKa5YtdcdAgMBAAGjEzARMA8GA1UdEwEB/wQFMAMBAf8wDQYJ\nKoZIhvcNAQELBQADggEBAFWLGPA/Kqd9KVaY5h0IAJm0zN365VJC2i8dA87CDE1+\nESQyseRXm7uFczyJZgFVwG18iUgs8/8JJ6T7bWwRn/9iomjMvejADywk+ylgkrZI\n6nWGK+XIxQ9XT5+6cFQoXrhDM+o102173ncu6xEbfIPXgd6yY3Rk52Dy6i+vMfE8\n5BVzOmY1KCRGU/K1oo6cOtu6rch8UpBiCcBIBdCCOWVoqAYmznFVwjOaRtfiwbMa\nHB8VKsoEawUIha6nJQbVzgTh5D+gXR9lNMJxNjOeDdGJJBChtnyp69AwsCO/8N3k\naOy6P+6a4hnLUu0E95DW2rOTH1APWuGPJ+HEGwgVPiA=\n-----END CERTIFICATE-----",
"id": 75757
},
{
"subject": "C=US,ST=MA,L=Cambridge,O=Akamai,CN=intermediate.tcm-5-example.com",
"issuer": "C=US,ST=MA,L=Cambridge,O=Akamai,CN=tcm-5-example.com",
"expiryDate": "2020-03-31T03:41:07",
"startDate": "2019-04-01T03:41:07",
"certificate": "-----BEGIN CERTIFICATE-----\nMIIDBzCCAe+gAwIBAgIJAJHSGaH2s0o2MA0GCSqGSIb3DQEBCwUAMFsxCzAJBgNV\nBAYTAlVTMQswCQYDVQQIDAJNQTESMBAGA1UEBwwJQ2FtYnJpZGdlMQ8wDQYDVQQK\nDAZBa2FtYWkxGjAYBgNVBAMMEXRjbS01LWV4YW1wbGUuY29tMB4XDTE5MDQwMTAz\nNDEwN1oXDTIwMDMzMTAzNDEwN1owaDELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAk1B\nMRIwEAYDVQQHDAlDYW1icmlkZ2UxDzANBgNVBAoMBkFrYW1haTEnMCUGA1UEAwwe\naW50ZXJtZWRpYXRlLnRjbS01LWV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUA\nA4GNADCBiQKBgQDsTUmurNg0FMi0MGOcBT2DImzr+RtSNomGq/NsxhuLiQFAaCnO\niY6yIO0KrOC6NZHcHEWwvQso3OKls/c5pkFGxex4CNR7jpQ/XfoUqVir75fWYR7U\nCSrxaKTSuQyL21OcrO7SN4UCVaIvPTJyIIMh2WQAdjZmzwlujkIsp+USywIDAQAB\no0UwQzAdBgNVHQ4EFgQUln84iBJyViKO4kXJrO6y+O5oPjcwEgYDVR0TAQH/BAgw\nBgEB/wIBATAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQADggEBAIsbu2dx\nY/hpQg+g4cvihIuMpaN6y/avGm4x9TSILTP+4pcdis8QIMdnBi+2w6+Hhv80rX9w\nCulARg1qTnCf5mkR5iGnF5mEqeIe5xRop1rgmNAkC3D2SwJSLcB4zPHve9ijgk/U\nALe2ucvguaO7WNh3ykmthMLCf5aDr+XnP95F5gXxJ88zmAfx5EExp6QYNahuXgvp\nXhTCkYkhHQeZlw6M8Fx7G5XZAk/kHw4FUmWc8sOj4LtilL7zf9risyPxO3nOW+vF\nFqBS0BLtHbMws6ow2Hhn17WDYFCpF13owqFt6oX407QPhx8jyR2DHwVAPBgF7+BV\niPpNC6TdnL7PVHM=\n-----END CERTIFICATE-----",
"id": 75758
}
]
}
]
}
Get the certificate by ID
Gets the certificate source and its X.509 elements
GET /trust-chain-manager/
Sample: /trust-chain-manager/
| Parameter | Type | Sample | Description |
|---|---|---|---|
| URL path parameters | |||
setId |
Integer | 100 |
A unique identifier for each set. |
Status 200
application/json
Download schema: certificate.json
Response body:
{
"subject": "C=US,ST=MA,L=Cambridge,O=Akamai,CN=intermediate.tcm-11-example.com",
"issuer": "C=US,ST=MA,L=Cambridge,O=Akamai,CN=tcm-13-example.com",
"expiryDate": "2020-04-07T17:33:39",
"startDate": "2019-04-08T17:33:39",
"certificate": "-----BEGIN CERTIFICATE-----\nMIIDDzCCAnKgAwIBAgIJAJHSGaH2s0pCMAoGCCqGSM49BAMCMFwxCzAJBgNVBAYT\nAlVTMQswCQYDVQQIDAJNQTESMBAGA1UEBwwJQ2FtYnJpZGdlMQ8wDQYDVQQKDAZB\na2FtYWkxGzAZBgNVBAMMEnRjbS0xMy1leGFtcGxlLmNvbTAeFw0xOTA0MDgxNzMz\nMzlaFw0yMDA0MDcxNzMzMzlaMGkxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJNQTES\nMBAGA1UEBwwJQ2FtYnJpZGdlMQ8wDQYDVQQKDAZBa2FtYWkxKDAmBgNVBAMMH2lu\ndGVybWVkaWF0ZS50Y20tMTEtZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUA\nA4IBDwAwggEKAoIBAQDaotqwVMcQUoje6z353HxTItlOSiKVP4kDv+OuSGz2K8eX\nl2Wv2oRVCqSZ5oYuVooA+2JtviVnjsAidx6VK4+qc6BUmqSF2FEWbBhSm2hi6Pzt\nFp+heVBEdJUKtxHehtI5n1xw8Id5ziQLi5ywKAR5CQLjRScFGIWkj0zMJXUYwjJl\nNkVpJiD4PO1cFqGIIa/VyqlNCNwH3dfZEwBlhmRG1cDBEoOLb/F7159pMNIe/3aB\nlNyehMfLj7vSesFmYCw24nrAwW2gL+gx+uwMJaU3Hzk+yhzcVeOIiw4Gsm/elJzN\nVwJRUxoVSigcYi2Z8BcHWk+HDOZxnO9x0lVeyLZdAgMBAAGjRTBDMB0GA1UdDgQW\nBBR8j0E4g1vIdtpawhc7ZJ72v9qebDASBgNVHRMBAf8ECDAGAQH/AgEBMA4GA1Ud\nDwEB/wQEAwIBhjAKBggqhkjOPQQDAgOBigAwgYYCQSp2p1MrZIwGadKK4NrEI0o9\n49g3ISzZ5APw/XqMwen8s6rOlnJJhUN+7zzdp/gIvdPVlMDQBAqb447mPTVn250r\nAkEGJfMps1E9XmWilKXtcZzorYMeO1wCCiEfibYtgVUKoItZqs144K77DfovjUD8\nwvbndItQEOm8sx+MLzQ1aWrduw==\n-----END CERTIFICATE-----",
"id": 77109
}
Get a list of certificates in the latest version of the CA set
By default, gets a list of certificate IDs in the latest version of the CA set.
GET /trust-chain-manager/
Sample: /trust-chain-manager/
| Parameter | Type | Sample | Description |
|---|---|---|---|
| URL path parameters | |||
setId |
Integer | 100 |
A unique identifier for each set. |
Status 200
application/json
Download schema: certificateIds.json
Response body:
{
"id": 75469,
"name": "devqaSetId276",
"version": 75221,
"hasAcknowledgedNoRootCertificate": true,
"requireRootCertificate": false,
"certificateIds": [
75754,
75755
]
}
Get a list of certificates in a certain version of the CA set
Gets a list of certificate IDs in the specified version of the CA set.
GET /trust-chain-manager/
Sample: /trust-chain-manager/
| Parameter | Type | Sample | Description |
|---|---|---|---|
| URL path parameters | |||
setId |
Integer | 100 |
A unique identifier for each set. |
version |
Integer | 75361 |
A version number. |
Status 200
application/json
Download schema: certificateIds.json
Response body:
{
"id": 75469,
"name": "devqaSetId276",
"version": 75221,
"hasAcknowledgedNoRootCertificate": true,
"requireRootCertificate": false,
"certificateIds": [
75754,
75755
]
}
Get all active versions of a CA set including trust chains
Active versions of a set are the versions currently deployed, or in the process of deployment to the network. A failed version is included if it is the latest version of the set deployed to the network. Each version of the CA set is presented as a collection of trust chains.
GET /trust-chain-manager/
Sample: /trust-chain-manager/
| Parameter | Type | Sample | Description |
|---|---|---|---|
| URL path parameters | |||
setId |
Integer | 100 |
A unique identifier for each set. |
Status 200
application/json
Download schema: versions.json
Response body:
{
"id": 75221,
"name": "tcmAutomation-2019-06-18-21-47-10",
"hasAcknowledgedNoRootCertificate": false,
"versions": [
{
"version": 75378,
"requireRootCertificate": true,
"production": "DEPLOYING",
"staging": "DEPLOYED",
"lastModifiedBy": "ccare2",
"timestamp": "2019-06-20T15:04:03.46",
"tree": [
{
"certificate": {
"subject": "C=US,ST=MA,L=Cambridge,O=Akamai,OU=IPQA,CN=IOT,E=plevin@akamai.com",
"issuer": "C=US,ST=MA,L=Cambridge,O=Akamai,OU=IPQA,CN=IOT,E=plevin@akamai.com",
"expiryDate": "2020-03-24T17:37:53",
"startDate": "2019-03-25T17:37:53",
"id": 75438
}
},
{
"certificate": {
"subject": "C=US,ST=MA,L=Cambridge,O=Akamai,CN=tcm-15-example.com",
"issuer": "C=US,ST=MA,L=Cambridge,O=Akamai,CN=tcm-15-example.com",
"expiryDate": "2020-04-08T03:59:27",
"startDate": "2019-04-09T03:59:27",
"id": 75437
}
}
]
},
{
"version": 75371,
"requireRootCertificate": true,
"production": "DEPLOYED",
"staging": "DEPLOYMENT_FAILED",
"lastModifiedBy": "ccare2",
"timestamp": "2019-06-19T15:25:51.049",
"tree": [
{
"certificate": {
"subject": "C=US,ST=MA,L=Cambridge,O=Akamai,OU=IPQA,CN=IOT,E=plevin@akamai.com",
"issuer": "C=US,ST=MA,L=Cambridge,O=Akamai,OU=IPQA,CN=IOT,E=plevin@akamai.com",
"expiryDate": "2020-03-24T17:37:53",
"startDate": "2019-03-25T17:37:53",
"id": 75430
}
}
]
},
{
"version": 75361,
"production": "",
"staging": "DEPLOYING",
"lastModifiedBy": "ccare2",
"timestamp": "2019-06-19T01:47:11.675",
"tree": [
{
"certificate": {
"subject": "C=US,ST=MA,L=Cambridge,O=Akamai,CN=tcm-5-example.com",
"issuer": "C=US,ST=MA,L=Cambridge,O=Akamai,CN=tcm-5-example.com",
"expiryDate": "2020-03-30T05:07:35",
"startDate": "2019-03-31T05:07:35",
"id": 76274
},
"certificates": [
{
"certificate": {
"subject": "C=US,ST=MA,L=Cambridge,O=Akamai,CN=intermediate.tcm-5-example.com",
"issuer": "C=US,ST=MA,L=Cambridge,O=Akamai,CN=tcm-5-example.com",
"expiryDate": "2020-03-31T03:41:07",
"startDate": "2019-04-01T03:41:07",
"id": 76275
}
}
]
},
{
"certificate": {
"subject": "C=US,ST=MA,L=Cambridge,O=Akamai,CN=tcm-13-example.com",
"issuer": "C=US,ST=MA,L=Cambridge,O=Akamai,CN=tcm-13-example.com",
"expiryDate": "2020-04-07T17:27:35",
"startDate": "2019-04-08T17:27:35",
"id": 76273
},
"certificates": [
{
"certificate": {
"subject": "C=US,ST=MA,L=Cambridge,O=Akamai,CN=intermediate.tcm-11-example.com",
"issuer": "C=US,ST=MA,L=Cambridge,O=Akamai,CN=tcm-13-example.com",
"expiryDate": "2020-04-07T17:33:39",
"startDate": "2019-04-08T17:33:39",
"id": 76271
},
"certificates": [
{
"certificate": {
"subject": "C=US,ST=MA,L=Cambridge,O=Akamai,CN=intermediate1.tcm-12-example.com",
"issuer": "C=US,ST=MA,L=Cambridge,O=Akamai,CN=intermediate.tcm-11-example.com",
"expiryDate": "2020-04-07T17:43:58",
"startDate": "2019-04-08T17:43:58",
"id": 76272
}
}
]
}
]
}
]
}
]
}
Get the deployment status of a CA set
Returns the deployment state of the specified CA set on each network. By default, returns deployment status of the latest version.
GET /trust-chain-manager/
Sample: /trust-chain-manager/
| Parameter | Type | Sample | Description |
|---|---|---|---|
| URL path parameters | |||
setId |
Integer | 100 |
A unique identifier for each set. |
Status 200
application/json
Object type: DeploymentState
Download schema: deployment-state.json
Response body:
{
"name": "Set1",
"id": 123456,
"version": 76152,
"deployment": {
"staging": "DEPLOYED",
"production": "DEPLOYING"
}
}
Deploy a CA set to the network
Modifies a CA set’s deployment and requests that the set deploys on the specified networks. By default, deploys the latest version of the set.
PUT /trust-chain-manager/
Sample: /trust-chain-manager/
Content-Type: application/json
Object type: Deployment
Download schema: deployment.json
Request body:
{
"deployment": {
"staging": false,
"production": true
}
}
| Parameter | Type | Sample | Description |
|---|---|---|---|
| URL path parameters | |||
setId |
Integer | 100 |
A unique identifier for each set. |
Status 204
Get deployment status of a certain version of the CA set
Returns the deployment state of the specified version of the CA set on each network.
GET /trust-chain-manager/
Sample: /trust-chain-manager/
| Parameter | Type | Sample | Description |
|---|---|---|---|
| URL path parameters | |||
setId |
Integer | 100 |
A unique identifier for each set. |
version |
Integer | 76152 |
A version number. |
Status 200
application/json
Object type: DeploymentState
Download schema: deployment-state.json
Response body:
{
"name": "Set1",
"id": 123456,
"version": 76152,
"deployment": {
"staging": "DEPLOYED",
"production": "DEPLOYING"
}
}
Deploy a certain version of the CA set to the network
Modifies deployment of a certain version of the CA set and requests that the version deploys on the specified networks.
PUT /trust-chain-manager/
Sample: /trust-chain-manager/
Content-Type: application/json
Object type: Deployment
Download schema: deployment.json
Request body:
{
"deployment": {
"staging": false,
"production": true
}
}
| Parameter | Type | Sample | Description |
|---|---|---|---|
| URL path parameters | |||
setId |
Integer | 100 |
A unique identifier for each set. |
version |
Integer | 76152 |
A version number. |
Status 204
Validate a CA set
If valid, returns the CA set formatted as a tree structure composed of root and intermediate certificates. See Certificate chain best practice for guidance on certificate validation.
POST /trust-chain-manager/
Content-Type: application/json
Object type: SetFullData
Download schema: set-full-data.json
Request body:
{
"name": "devqaSetId225",
"requireRootCertificate": true,
"deployment": {
"staging": true,
"production": true
},
"chains": [
{
"name": "chain1",
"certificates": "-----BEGIN CERTIFICATE-----\nMIIECzCCA22gAwIBAgIJAOW+qN6sBoEgMAoGCCqGSM49BAMCMFwxCzAJBgNVBAYT\nAlVTMQswCQYDVQQIDAJNQTESMBAGA1UEBwwJQ2FtYnJpZGdlMQ8wDQYDVQQKDAZB\na2FtYWkxGzAZBgNVBAMMEnRjbS0xMy1leGFtcGxlLmNvbTAeFw0xOTA0MDgxNzI3\nMzVaFw0yMDA0MDcxNzI3MzVaMFwxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJNQTES\nMBAGA1UEBwwJQ2FtYnJpZGdlMQ8wDQYDVQQKDAZBa2FtYWkxGzAZBgNVBAMMEnRj\nbS0xMy1leGFtcGxlLmNvbTCCAlwwggHPBgcqhkjOPQIBMIIBwgIBATBNBgcqhkjO\nPQEBAkIB////////////////////////////////////////////////////////\n//////////////////////////////8wgZ4EQgH/////////////////////////\n/////////////////////////////////////////////////////////////ARB\nUZU+uWGOHJofkpohoLaFQO6i2nJbmbMV87i0iZGO8QnhVhk5Uex+k3sWUsC9O7G/\nBzVz34g9LDTx70Uf1GtQPwADFQDQnogAKRy4U5bMZxc5MoSqoNpkugSBhQQAxoWO\nBrcEBOnNnj7LZiOVtEKcZIE5BT+1Ifgor2BrTT26oUted+/nWSj+HcEnov+o3jNI\ns8GFakKb+X5+McLlvWYBGDkpaniaO8AEXIpftCx9G9mY9URJV5tEaBevvRcnPmYs\nl+5ymV70JkDFULkBP60HYTU8cIaicsJAiL6Udp/RZlACQgH/////////////////\n//////////////////////////pRhoeDvy+Wa3/MAUj3CaXQO7XJuImcR667b7ce\nkThkCQIBAQOBhgAEAEXztKDE0BsR1r7q/rN2qc4KyTPjjgwlk8Va8VCqA/Elz57Q\nU4Lzt/XEk6vJd2YccgqK/oDffhT7MXT10Kb1DNI/AQryxSAJNlLurHA7G5U4M4xv\nBNgy4vtJJ40Xvbv3Fd7IM42CZBsKsaroKgrfk0NbjU0im9ETgAfUtq//njMiYJo3\noxMwETAPBgNVHRMBAf8EBTADAQH/MAoGCCqGSM49BAMCA4GLADCBhwJBPQEZG2pi\nL5iHKGMzb+IKGns1iguNCWEfZT3llAk0P8xb5A1tULWOxP+dJ6ezInRF3QdGGlEN\n2qiMl1vBSTTBsa8CQgGx1vr+0WcgcIRG6F04mKC2ikS+W/9/FuDqbRRHjd2fMWYl\nquT9SnmYbuK2jpM52fmKa85KUUdL2ypPWXSbKKHpQQ==\n-----END CERTIFICATE-----"
},
{
"name": "chain2",
"certificates": "-----BEGIN CERTIFICATE-----\nMIIDDzCCAnKgAwIBAgIJAJHSGaH2s0pCMAoGCCqGSM49BAMCMFwxCzAJBgNVBAYT\nAlVTMQswCQYDVQQIDAJNQTESMBAGA1UEBwwJQ2FtYnJpZGdlMQ8wDQYDVQQKDAZB\na2FtYWkxGzAZBgNVBAMMEnRjbS0xMy1leGFtcGxlLmNvbTAeFw0xOTA0MDgxNzMz\nMzlaFw0yMDA0MDcxNzMzMzlaMGkxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJNQTES\nMBAGA1UEBwwJQ2FtYnJpZGdlMQ8wDQYDVQQKDAZBa2FtYWkxKDAmBgNVBAMMH2lu\ndGVybWVkaWF0ZS50Y20tMTEtZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUA\nA4IBDwAwggEKAoIBAQDaotqwVMcQUoje6z353HxTItlOSiKVP4kDv+OuSGz2K8eX\nl2Wv2oRVCqSZ5oYuVooA+2JtviVnjsAidx6VK4+qc6BUmqSF2FEWbBhSm2hi6Pzt\nFp+heVBEdJUKtxHehtI5n1xw8Id5ziQLi5ywKAR5CQLjRScFGIWkj0zMJXUYwjJl\nNkVpJiD4PO1cFqGIIa/VyqlNCNwH3dfZEwBlhmRG1cDBEoOLb/F7159pMNIe/3aB\nlNyehMfLj7vSesFmYCw24nrAwW2gL+gx+uwMJaU3Hzk+yhzcVeOIiw4Gsm/elJzN\nVwJRUxoVSigcYi2Z8BcHWk+HDOZxnO9x0lVeyLZdAgMBAAGjRTBDMB0GA1UdDgQW\nBBR8j0E4g1vIdtpawhc7ZJ72v9qebDASBgNVHRMBAf8ECDAGAQH/AgEBMA4GA1Ud\nDwEB/wQEAwIBhjAKBggqhkjOPQQDAgOBigAwgYYCQSp2p1MrZIwGadKK4NrEI0o9\n49g3ISzZ5APw/XqMwen8s6rOlnJJhUN+7zzdp/gIvdPVlMDQBAqb447mPTVn250r\nAkEGJfMps1E9XmWilKXtcZzorYMeO1wCCiEfibYtgVUKoItZqs144K77DfovjUD8\nwvbndItQEOm8sx+MLzQ1aWrduw==\n-----END CERTIFICATE-----"
},
{
"name": "chain3",
"certificates": "-----BEGIN CERTIFICATE-----\nMIIDmzCCAoOgAwIBAgIJAJHSGaH2s0pDMA0GCSqGSIb3DQEBCwUAMGkxCzAJBgNV\nBAYTAlVTMQswCQYDVQQIDAJNQTESMBAGA1UEBwwJQ2FtYnJpZGdlMQ8wDQYDVQQK\nDAZBa2FtYWkxKDAmBgNVBAMMH2ludGVybWVkaWF0ZS50Y20tMTEtZXhhbXBsZS5j\nb20wHhcNMTkwNDA4MTc0MzU4WhcNMjAwNDA3MTc0MzU4WjBqMQswCQYDVQQGEwJV\nUzELMAkGA1UECAwCTUExEjAQBgNVBAcMCUNhbWJyaWRnZTEPMA0GA1UECgwGQWth\nbWFpMSkwJwYDVQQDDCBpbnRlcm1lZGlhdGUxLnRjbS0xMS1leGFtcGxlLmNvbTCC\nASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALgwBUMjpHQcU3gnZBlPaT7y\nFAlwVjP/tjpxrnc9o92HJdta6yukQuPJ+FjY1AYvCaf5bF8KHpo08Vz2X43tQhMu\nHMBRMUTb6HxYitQbiTijVw0gClSMmvBV4wk8osh81L9aNH/6OljSzWce99UnBefn\nfDZlfg1Y4lFK/zGyFhLcils5lVVd5JfNuwn+54cWdqoTcuaMHvz5i5/cASEI1w8T\nUicdMHUv+32cVcppfhncGxIPqIrdnsWotRrgr7RkYs/ubp8Gm81j6dYNAMJ0YYxG\nn6ppv23poXapuiUjEQc7o8xDtoyI7WnsWrxzd/bm2fXde5krum4CL9X/ugBYV/EC\nAwEAAaNFMEMwHQYDVR0OBBYEFPGRnc9xmEaNZlKWVX+WY+NUHVVDMBIGA1UdEwEB\n/wQIMAYBAf8CAQEwDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4IBAQDW\nsZV2VOIO7LSjsgRZIWO8iaJ/CVaK+KqY/WhdIoXHcazX8qITnzcPgdci1pCGReDa\nYCjuvGPbHiPqN8n9g8NtbTGoVUBGFPchxK+pLgJUASa11FmOG2HQFngAz/MBjfNC\n/E7AgC3LxDJwf4Sm7jQtzmEMgONGrxQbhJhUIFuUIFrmlQclOxtoIu2aFSEoskob\nh9bDyYKCIiMGY2IFOSP7/oQEY1zkFcH/b1Im5gesNcbEjArmiEdPKlRyPeTiQ1F0\nFIOqaPoIgzwstD1k8cPvvAU9+sH/AhetU1i94U28SFg2Mt6jQM3iG63mHzjFzo14\n6e/YKx6F+MTdsUdP4AFn\n-----END CERTIFICATE-----"
}
]
}
Status 200
application/json
Download schema: versions.json
Response body:
{
"id": null,
"name": null,
"hasAcknowledgedNoRootCertificate": false,
"versions": [
{
"version": null,
"requireRootCertificate": true,
"staging": "",
"production": "",
"status": "INITIAL",
"lastModifiedBy": "ralexand",
"timestamp": "2019-06-28T18:11:01.158",
"tree": [
{
"certificate": {
"subject": "C=US,ST=MA,L=Cambridge,O=Akamai,CN=tcm-13-example.com",
"issuer": "C=US,ST=MA,L=Cambridge,O=Akamai,CN=tcm-13-example.com",
"expiryDate": "2020-04-07T17:27:35",
"startDate": "2019-04-08T17:27:35",
"id": null
},
"certificates": [
{
"certificate": {
"subject": "C=US,ST=MA,L=Cambridge,O=Akamai,CN=intermediate.tcm-11-example.com",
"issuer": "C=US,ST=MA,L=Cambridge,O=Akamai,CN=tcm-13-example.com",
"expiryDate": "2020-04-07T17:33:39",
"startDate": "2019-04-08T17:33:39",
"id": null
},
"certificates": [
{
"certificate": {
"subject": "C=US,ST=MA,L=Cambridge,O=Akamai,CN=intermediate1.tcm-11-example.com",
"issuer": "C=US,ST=MA,L=Cambridge,O=Akamai,CN=intermediate.tcm-11-example.com",
"expiryDate": "2020-04-07T17:43:58",
"startDate": "2019-04-08T17:43:58",
"id": null
}
}
]
}
]
}
]
}
]
}
Data
This section provides you with the data model for the Trust Chain Manager API.
Download the JSON schemas for this API.
This section’s data schema tables list membership requirements as follows:
| ✓ | Member is required in requests, or always present in responses, even if its value is empty or null. |
| ○ | Member is optional, and may be omitted in some cases. |
SetFullData
Full data presentation of a CA Set.
Download schema:
set-full-data.json
Sample GET response, POST, PUT body:
{
"id": 123456,
"version": 75361,
"name": "Set1",
"hasAcknowledgedNoRootCertificate": true,
"requireRootCertificate": false,
"deployment": {
"staging": true,
"production": true
},
"chains": [
{
"name": "Chain1",
"certificates": "-----BEGIN CERTIFICATE-----\nMIICiTCCAfKgAwIBAgIJAJHSGaH2s0otMA0GCSqGSIb3DQEBCwUAMF8xCzAJBgNV\nBAYTAlVTMQswCQYDVQQIDAJNQTESMBAGA1UEBwwJQ2FtYnJpZGdlMQ8wDQYDVQQK\nDAZBa2FtYWkxHjAcBgNVBAMMFXNvbWUtcm9vdC5leGFtcGxlLmNvbTAeFw0xOTAz\nMDgxOTA3MDhaFw00NjA3MjMxOTA3MDhaMGcxCzAJBgNVBAYTAlVTMQswCQYDVQQI\nDAJNQTESMBAGA1UEBwwJQ2FtYnJpZGdlMQ8wDQYDVQQKDAZBa2FtYWkxJjAkBgNV\nBAMMHXNvbWUtaW50ZXJtZWRpYXRlLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEB\nAQUAA4GNADCBiQKBgQCzuzTQHsW8HHB6cHv7jT/4cETl53jHB1QOK7aVdVO/cK5i\nv8YFB/O2zcXfHbObJTMDp5T33tiy2dTa4X/9OirC/FcEKK7pFL07r60nkyLbnX1P\nOLE7TrfBbzFpBxWXTSuXFi4Y002dvxKfxsgruxD3JVsdwBh4jZS6IkyUJHmopwID\nAQABo0UwQzAdBgNVHQ4EFgQUAveECjwgwk+MHozpCpMauW1TftkwEgYDVR0TAQH/\nBAgwBgEB/wIBATAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQADgYEAxRxv\n4NadAtvJx7xBGBcR9C3NEz9WR84bpfHP720ZpgR8WRPXxjQZz/clwADi6PpE1/7B\nqybde5hE38XnbGOhzIDyIXd8Hfztaaj7vxR5DiEOAY3jE5Ix98WQ0ZrbYTSu4o1b\ncSPdPt3JWFygdtur9ikw9FRFPNhcH195X5LGJas=\n-----END CERTIFICATE-----\n-----BEGIN CERTIFICATE-----\nMIICNTCCAZ4CCQC+2uIuN+erCTANBgkqhkiG9w0BAQsFADBfMQswCQYDVQQGEwJV\nUzELMAkGA1UECAwCTUExEjAQBgNVBAcMCUNhbWJyaWRnZTEPMA0GA1UECgwGQWth\nbWFpMR4wHAYDVQQDDBVzb21lLXJvb3QuZXhhbXBsZS5jb20wHhcNMTkwMzA4MTkw\nMzE4WhcNNDYwNzIzMTkwMzE4WjBfMQswCQYDVQQGEwJVUzELMAkGA1UECAwCTUEx\nEjAQBgNVBAcMCUNhbWJyaWRnZTEPMA0GA1UECgwGQWthbWFpMR4wHAYDVQQDDBVz\nb21lLXJvb3QuZXhhbXBsZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB\nANpc8vud0MhTRDBB1JZGfEAuutQf/CQ8ToyDor4TBvE1pa24DvT1DEaaDUMhVPXK\naJC95re6xV2NOvCrvOjZBNH94DWCldRg93DOVPmUEVcEcB81zfdfT0iEW96C2RFf\nI1Hv0tJynmxDI5k5lK4Js6/nonJbUVHL8X63yMvmR9HNAgMBAAEwDQYJKoZIhvcN\nAQELBQADgYEABnpsP51MLW0069megs/czB3EJWeMt2ynCD6RlQPqXBlkVsengT3y\ntRnKJwD5SYjr8sW9Vq5Rp2dm7X7i9osB+CSveORw3hWbu4TmiA18qJr/SSUwo5Xf\nbsjfV2IUQtNLEExhp1nBjvJNmTP3g/NiVVWHEQafynwXlNAj1ySuUzs=\n-----END CERTIFICATE-----"
},
{
"name": "ChainN",
"certificates": "-----BEGIN CERTIFICATE-----\nMIICijCCAfOgAwIBAgIJAJHSGaH2s0osMA0GCSqGSIb3DQEBCwUAMGExCzAJBgNV\nBAYTAlVTMQswCQYDVQQIDAJNQTESMBAGA1UEBwwJQ2FtYnJpZGdlMQ8wDQYDVQQK\nDAZBa2FtYWkxIDAeBgNVBAMMF3RjbS1yb290LWNhLmV4YW1wbGUuY29tMB4XDTE5\nMDIyNDIzMzUxN1oXDTQ2MDcxMTIzMzUxN1owZjELMAkGA1UEBhMCVVMxCzAJBgNV\nBAgMAk1BMRIwEAYDVQQHDAlDYW1icmlkZ2UxDzANBgNVBAoMBkFrYW1haTElMCMG\nA1UEAwwcdGNtLWludGVybWVkaWF0ZS5leGFtcGxlLmNvbTCBnzANBgkqhkiG9w0B\nAQEFAAOBjQAwgYkCgYEAw6JPmMaZD/SOBkQ+PISBF+o+gQ0/zz6ei7GCfgN3k7db\nAm6GsqxG7yKJfQYhHMTQQsUNgNzYNSFRdJNyHM8Edjr3sCGIei571HNu3Yik95T3\nPJpInaY24yfye+v9ln2hKu/53r5G3xdsSm/ZyI1wK7nRj6bzbwnGlXEfMKmhcg8C\nAwEAAaNFMEMwHQYDVR0OBBYEFHu2jZE6TpHcoQwZaSNmj/VJ+p8TMBIGA1UdEwEB\n/wQIMAYBAf8CAQEwDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4GBABR8\nZ1blA+Vx32a39OhOX+Ul/PC8fX4Z0El7tiOGAA2xCoHK7cZqd+QkdKV9ju3Z2ah0\nSCHOPqBT7tZaXPrtx7sxtlb0U6IJdklb78BjeK1KlM5x4jfnAaAvouaGX2SU9fp2\na1P/IsuOD6zHBddTysuX8W3YEycdT7JzhCWpROKF\n-----END CERTIFICATE-----\n-----BEGIN CERTIFICATE-----\nMIICOTCCAaICCQDPV5YuumF6sDANBgkqhkiG9w0BAQsFADBhMQswCQYDVQQGEwJV\nUzELMAkGA1UECAwCTUExEjAQBgNVBAcMCUNhbWJyaWRnZTEPMA0GA1UECgwGQWth\nbWFpMSAwHgYDVQQDDBd0Y20tcm9vdC1jYS5leGFtcGxlLmNvbTAeFw0xOTAyMjQy\nMzM0MjJaFw00NjA3MTEyMzM0MjJaMGExCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJN\nQTESMBAGA1UEBwwJQ2FtYnJpZGdlMQ8wDQYDVQQKDAZBa2FtYWkxIDAeBgNVBAMM\nF3RjbS1yb290LWNhLmV4YW1wbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB\niQKBgQDXFPDgDFXXcS7Pa6G02VP6OGL3YYGBJm2AqtkB0MeLWOk3RsBIPcEgY1eq\n+32n8fObXUr0UX22sjyv/PkMkYWIru01dE9pc2KCDNYF7Gea8kM9C0VQx0gog5SL\nesYHABEox+t0ZVhVvOfUIlqK6GN7eEiN6PTgKhpEVnoowne81QIDAQABMA0GCSqGvSIb3DQEBCwUAA4GBALK8Hko9UU62XYX1IdJ2EA/XRWHPin2OXurEPRDv0X4q9oc9\nBMvDR36pXMMEFd9pRp7MQnGq266qecNWBkmcSY9k/ct8GtG6t4k+lBQvQPBERs7I\niiCDgIa53ofoJSi2rN9+HuluSwFLIObt2pKhrgfy6UV9VasTyxcLw8wD4z8u\n-----END CERTIFICATE-----"
}
]
}
SetFullData members
| Member | Type | Required | Description |
|---|---|---|---|
SetFullData: Full data presentation of a CA Set. |
|||
chains |
Set |
✓ | User defined groups of certificates for organizational purposes. One or more groups can be defined. Each group contains a collection of one or more valid, non-expired, root or intermediate certificates. (Note: Akamai ignores user defined groupings and references all certificates within the certificate set for mTLS operations. Originally intended for customers to group by individual certificate chains, this specific type of grouping is no longer required.) |
deployment |
Set |
✓ | Indicates the target networks for this deployment. To validate the CA set without deploying it, set both Staging and Production to NULL. This action does not store the CA set in the system and provides the validation result in the response object. |
has |
Boolean | ○ | Read-only. If true, the user acknowledged the risk of not verifying all certificates in the set using certificate path validation to a root certificate and considering each certificate a trust anchor on its own merit. Validation of each version of the set is conducted based on the value of the query parameter requireRootCertificate (true/false) included in the request when the version is created. |
id |
Number | ○ | A unique identifier for the set. Included in GET responses and not required for POST or PUT operations. |
name |
String | ✓ | The name of the set. |
require |
Boolean | ○ | If true, for each certificate in the version, path validation is conducted to a self-signed trust anchor. If false, all certificates in the version no longer verified using certificate path validation to a root certificate and each is considered a trust anchor on its own merit. |
version |
Number | ○ | A version number of the set. Included in GET responses and not required for POST or PUT operations. |
SetFullData.chains[]: User defined groups of certificates for organizational purposes. One or more groups can be defined. Each group contains a collection of one or more valid, non-expired, root or intermediate certificates. (Note: Akamai ignores user defined groupings and references all certificates within the certificate set for mTLS operations. Originally intended for customers to group by individual certificate chains, this specific type of grouping is no longer required.) |
|||
certificates |
String | ✓ | Certificates, either root or intermediate, in PEM format, as are found in Base64 ASCII encoded files. |
name |
String | ✓ | A name used to organize certificates within the certificate set into user defined groups. |
SetFullData.deployment: Indicates the target networks for this deployment. To validate the CA set without deploying it, set both Staging and Production to NULL. This action does not store the CA set in the system and provides the validation result in the response object. |
|||
production |
Boolean | ✓ | True if you are deploying to the Production network; false if not. |
staging |
Boolean | ✓ | True if you are deploying to the Staging network; false if not. |
SetRef
Encapsulates the identifying information for a CA Set.
Download schema:
set-ref.json
Sample POST, PUT response:
{
"accountId": "A-1234BD",
"set": "/trust-chain-manager-api/v1/sets/10000",
"name": "Set1"
}
SetRef members
| Member | Type | Required | Description |
|---|---|---|---|
SetRef: Encapsulates the identifying information for a CA Set. |
|||
accountId |
String | ✓ | Read-only. The account ID associated with the set. |
name |
String | ✓ | Read-only. The name of the set. |
set |
String | ✓ | Read-only. A unique identifier for the set. |
Set
Selected data items in a CA Set.
Download schema:
set.json
Sample Set:
{
"name": "Set1",
"id": 123456,
"deployment": {
"staging": false,
"production": true
}
}
Set members
| Member | Type | Required | Description |
|---|---|---|---|
Set: Selected data items in a CA Set. |
|||
deployment |
Set. |
✓ | Encapsulates set network deployment options. |
has |
Boolean | ✓ | Read-only. If true, the user acknowledged the risk of not verifying all certificates in the set using certificate path validation to a root certificate and considering each certificate a trust anchor on its own merit. Validation of each version of the set is conducted based on the value of the query parameter requireRootCertificate (true/false) included in the request when the version is created. |
id |
Number | ✓ | Read-only. A unique identifier for the set. |
name |
String | ✓ | Read-only. The name of the set. |
Set.deployment: Encapsulates set network deployment options. |
|||
production |
Boolean | ✓ | Read-only. True if the required deployment network for the set is Production; false if not. |
staging |
Boolean | ✓ | Read-only. True if the required deployment network for the set is Staging; false if not. |
Sets
A collection of CA Sets.
Download schema:
sets.json
Sample GET response:
{
"accountId": "A-123DGC",
"sets": [
{
"name": "Set1",
"id": 123456,
"hasAcknowledgedNoRootCertificate": true,
"deployment": {
"staging": true,
"production": true
}
},
{
"name": "Set10",
"id": 789123,
"hasAcknowledgedNoRootCertificate": false,
"deployment": {
"staging": true,
"production": false
}
}
]
}
Sets members
| Member | Type | Required | Description |
|---|---|---|---|
Sets: A collection of CA Sets. |
|||
accountId |
String | ✓ | Read-only. The account ID associated with this set. |
sets |
Sets. |
○ | Selected data items in a CA Set. |
Sets.sets[]: Selected data items in a CA Set. |
|||
deployment |
Sets. |
✓ | Encapsulates set network deployment options. |
has |
Boolean | ✓ | Read-only. If true, the user acknowledged the risk of not verifying all certificates in the set using certificate path validation to a root certificate and considering each certificate a trust anchor on its own merit. Validation of each version of the set is conducted based on the value of the query parameter requireRootCertificate (true/false) included in the request when the version is created. |
id |
Number | ✓ | Read-only. A unique identifier for the set. |
name |
String | ✓ | Read-only. The name of the set. |
Sets.sets[].deployment: Encapsulates set network deployment options. |
|||
production |
Boolean | ✓ | Read-only. True if the required deployment network for the set is Production; false if not. |
staging |
Boolean | ✓ | Read-only. True if the required deployment network for the set is Staging; false if not. |
Deployment
Indicates the target networks for a deployment and provides validation for draft CA sets when network values are set to null.
Download schema:
deployment.json
Sample PUT body:
{
"deployment": {
"staging": false,
"production": true
}
}
Deployment members
| Member | Type | Required | Description |
|---|---|---|---|
Deployment: Indicates the target networks for a deployment and provides validation for draft CA sets when network values are set to null. |
|||
deployment |
Deployment. |
✓ | Encapsulates set network deployment options. |
Deployment.deployment: Encapsulates set network deployment options. |
|||
production |
Boolean | ✓ | True if you are deploying to the Production network; false if not. |
staging |
Boolean | ✓ | True if you are deploying to the Staging network; false if not. |
DeploymentState
Indicates deployment status on each network for a CA Set.
Download schema:
deployment-state.json
Sample GET response:
{
"name": "Set1",
"id": 123456,
"version": 76152,
"deployment": {
"staging": "DEPLOYED",
"production": "DEPLOYING"
}
}
DeploymentState members
| Member | Type | Required | Description |
|---|---|---|---|
DeploymentState: Indicates deployment status on each network for a CA Set. |
|||
deployment |
Deployment |
✓ | Encapsulates deployment status of a set on each network. |
id |
Number | ✓ | Read-only. A unique identifier for the set. |
name |
String | ✓ | Read-only. The name of the set. |
version |
Number | ○ | Read-only. Identifier of the version of the set. |
DeploymentState.deployment: Encapsulates deployment status of a set on each network. |
|||
production |
Enumeration | ✓ | Read-only. Deployment status on the Production network, , either PENDING, DEPLOYING, DEPLOYED, or DEPLOYMENT_FAILED. |
staging |
Enumeration | ✓ | Read-only. Deployment status on the Staging network, either PENDING, DEPLOYING, DEPLOYED, or DEPLOYMENT_FAILED. |
Errors
Error responses
This is a sample of a typical error response JSON object. The instance field of the object contains an internal trace ID which helps Akamai support team trace the error in the system logs. Should the customer need to contact Akamai for assistance understanding the cause of the error, they will be asked to provide this reference to the representative.
HTTP/1.1 500
{
"type": "Internal Server Error",
"title": "INTERNAL_SERVER_ERROR",
"detail": "Internal Error.",
"instance": "/trust-chain-manager/error-instances/3fb4c8c3-1253-4443-8cda-f6d5c11a84dd"
}
HTTP status codes
| Code | Description |
|---|---|
| 200 | The Get CA Set operation successfully returned the Set or a collection of Sets. |
| 202 | The Create New or Update CA Set resource request was accepted. |
| 204 | Successfully processed request; no content returned to the caller. |
| 400 | Bad Request. |
| 401 | Authentication failure. |
| 403 | Access is forbidden. |
| 404 | No CA Set is found. |
| 405 | Method not supported. |
| 409 | Conflict with current state of the CA Set. |
| 415 | Unsupported media type. |
| 500 | Internal server error. |
| 503 | Service is temporarily unavailable. |