Example: Associating a leaf certificate with a switch feature using REST APIs
The following example associates the signed certificate my-cert-name with the HTTPS server switch feature. For complete information about the switch features to which you can associate a leaf certificate, see the Security Guide.
- Get the configuration attributes of the system resource:
Example method and URI:
GET "https://192.0.2.5/rest/v1/system?selector=configuration"
Example curl command:
$ curl -k --noproxy 192.0.2.5 -X GET \
    -b /tmp/primary_auth_cookie \
    "https://192.0.2.5/rest/v1/system?selector=configuration"
On successful completion, the switch returns response code 200 and a JSON object containing the configuration attributes.
- In the portion of the response body that defines the certificate name for the HTTPS server, change the value to: my-cert-name
The certificate name associated with the HTTPS server is the value assigned to the https-server key, which is under the certificate_association key of the sys_config key. By default, the certificate name is: local-cert
The request body of a PUT request is permitted to include only the mutable configuration attributes. In the ArubaOS-CX software releases to which this example applies, all the configuration attributes for the system resource are mutable attributes, so you do not need to edit the JSON object to remove the immutable attributes.
- Using a PUT request, update the system resource with the edited JSON data as the request body.
Example method and URI:
PUT "https://192.0.2.5/rest/v1/system"
Example request body (ellipses (…) represent data not shown in the example):
{
  "aaa": { ... },
  ...
  "certificate_association": {
    "https-server": "my-cert-name",
    "syslog-client": "local-cert"
  },
  ...
}
Example curl command (ellipses (…) represent data not shown in the example):
$ curl -k --noproxy 192.0.2.5 -X PUT \
    -b /tmp/primary_auth_cookie \
    --data '{ "aaa": { ... }, ... "certificate_association": { "https-server": "my-cert-name", "syslog-client": "local-cert" }, ... }' \
    "https://192.0.2.5/rest/v1/system"
On successful completion, the switch returns response code 200 OK.
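The three steps above as a single read-modify-write, shown as an added Python example that is not part of the original guide. It verifies the switch certificate against a CA file instead of using curl's -k. The function names, the cookie string and CA file parameters, and the sample GET body are assumptions constructed for illustration, and the lookup accepts certificate_association either at the top level (as in the sample request body) or under sys_config (as in the text).

```python
import copy
import json
import ssl
import urllib.request

# Constructed sample of a GET response body (not captured from a switch).
SAMPLE_GET = {"aaa": {}, "certificate_association": {
    "https-server": "local-cert", "syslog-client": "local-cert"}}

def set_cert_association(config, feature, cert_name):
    """Return a copy of the GET body with only `feature` re-pointed to cert_name."""
    body = copy.deepcopy(config)  # leave the caller's copy untouched
    # Assumption: look at the top level first, then under sys_config.
    for parent in (body, body.get("sys_config")):
        assoc = parent.get("certificate_association") if isinstance(parent, dict) else None
        if isinstance(assoc, dict):
            if feature not in assoc:  # refuse typos rather than add a new key
                raise KeyError(f"no such feature: {feature}")
            assoc[feature] = cert_name
            return body
    raise KeyError("certificate_association not found in response body")

def associate(base_url, cookie, feature, cert_name, cafile):
    """GET the configuration, edit one association, PUT the whole object back."""
    ctx = ssl.create_default_context(cafile=cafile)  # verify the switch's certificate
    opener = urllib.request.build_opener(
        urllib.request.ProxyHandler({}),  # same effect as curl --noproxy
        urllib.request.HTTPSHandler(context=ctx))

    def call(method, path, data=None):
        req = urllib.request.Request(
            base_url + path, data=data, method=method,
            headers={"Cookie": cookie, "Content-Type": "application/json"})
        with opener.open(req, timeout=30) as resp:
            return resp.status, resp.read()

    _, raw = call("GET", "/rest/v1/system?selector=configuration")
    body = set_cert_association(json.loads(raw), feature, cert_name)
    status, _ = call("PUT", "/rest/v1/system", json.dumps(body).encode())
    return status  # the guide expects 200

if __name__ == "__main__":
    edited = set_cert_association(SAMPLE_GET, "https-server", "my-cert-name")
    print(json.dumps(edited["certificate_association"], indent=2))
```

Because the PUT body is the full edited object, every attribute returned by the GET is sent back unchanged except the one association.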