Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.
Sign In Create an Account Dell Financial Services Premier Sign In Partner Program Sign In
Contact Us

Your Dell.com Carts

PowerProtect Data Manager Appliance 5.15.0.0 Security Configuration Guide for DM5500

PDF

Import security certificates for external components through the REST API

Where communication with an external component requires a security certificate, you can use the REST API to import that security certificate to PowerProtect Data Manager Appliance. You must have the public certificate chain for the external component in either PEM or Base64 format.

About this task

The certificate examples in this task are simplified for clarity and space.

The PowerProtect Data Manager Appliance REST API documentation provides more information, including examples, about how to use the REST API. Use curl or a client of your choice and supply a valid access token with each call after the log-in. Clients may require additional parameters to allow connections to servers that use self-signed certificates.

Certificates for external components are imported to the PowerProtect Data Manager Appliance truststore under an alias composed of three parameters: host:port:type. The certificate ID is a Base64-encoded representation of this alias.

In this task, {{external-component}} represents the FQDN for the external component. {{remote-port}} represents the port number through which interaction with the component takes place. {{cert-type}} represents one of the following certificate types: HOST, ROOT, or INTERMEDIATE.

Steps

  1. Log in to the PowerProtect Data Manager Appliance REST API as a user with the Administrator or Security Administrator role.
    Record the access token.
  2. (Optional) Import the security certificate in PEM format:

    POST https://{{server}}:{{port}}/api/v2/certificates 

    Headers:
  Content-Type: application/json
  Authorization: Bearer {{access-token}}
    {
    "host": "{{external-component}}",
    "port": "{{remote-port}}",
    "type": "{{cert-type}}",
    "certificateChain": "{{PEM-cert}}"
}

    Replace {{PEM-cert}} with a \n-delimited single-line string that represents the contents of the certificate chain. For example: 

    -----BEGIN CERTIFICATE-----\nMIIDdzCCAl+gAwIBAgI\nUzERMA8GA1UEChMIU2l\nMDkyMjE4MDEzNFoXDTI\nBAoTC1BQRE0gU2VydmV\n-----END CERTIFICATE-----\n-----BEGIN CERTIFICATE-----\nEHD0fXjANBgkqhkiG9w\nd3cuc2lnbi5jb20gYz1\nZ24gUm9vdCBDQTAeFw0\nBgNVBAYTAlVTMREwDwY\n-----END CERTIFICATE-----\n-----BEGIN CERTIFICATE-----\nMIIDSTCCAjGgAwIBAgI\nd3cuc2lnbi5jb20gYz1\nZ24gUm9vdCBDQTAeFw0\nBgNVBAsTEXd3dy5zaWd\n-----END CERTIFICATE-----\n
    The REST API service returns a status code.
  3. (Optional) Import the security certificate in Base64 format:

    POST https://{{server}}:{{port}}/api/v2/certificates 

    Headers:
  Content-Type: application/json
  Authorization: Bearer {{access-token}}
    {
    "host": "{{external-component}}",
    "port": "{{remote-port}}",
    "type": "{{cert-type}}",
    "certificateChain": "{{Base64-cert}}"
}

    Replace {{Base64-cert}} with a Base64-encoded single-line string that represents the contents of the certificate chain. For example: 

        "certificateChain": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSU9rRENDRF"
    The REST API service returns a status code.

Rate this content

Accurate
Useful
Easy to understand
Was this article helpful?
0/3000 characters
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please select whether the article was helpful or not.
  Comments cannot contain these special characters: <>()\