Import security certificates for external components through the REST API
Where communication with an external component requires a security certificate, you can use the REST API to import that security certificate to
PowerProtect Data Manager Appliance. You must have the public certificate chain for the external component in either PEM or Base64 format.
About this task
The certificate examples in this task are simplified for clarity and space.
The
PowerProtect Data Manager Appliance REST API documentation provides more information, including examples, about how to use the REST API. Use
curl or a client of your choice and supply a valid access token with each call after the log-in. Clients may require additional parameters to allow connections to servers that use self-signed certificates.
Certificates for external components are imported to the
PowerProtect Data Manager Appliance truststore under an alias composed of three parameters:
host:port:type. The certificate ID is a Base64-encoded representation of this alias.
In this task,
{{external-component}} represents the FQDN for the external component.
{{remote-port}} represents the port number through which interaction with the component takes place.
{{cert-type}} represents one of the following certificate types:
HOST,
ROOT, or
INTERMEDIATE.
Steps
Log in to the
PowerProtect Data Manager Appliance REST API as a user with the
Administrator or
Security Administrator role.
Record the access token.
(Optional) Import the security certificate in PEM format:
POST https://{{server}}:{{port}}/api/v2/certificates