Send Docs Feedback

Keystores and Truststores


Base Path: https://api.enterprise.apigee.com/v1/o/{org_name}/environments/{env_name}

API Resource Path: /keystores
A list of URIs used to create, modify, and delete keystores and truststores.
Keystores and truststores define repositories of security certificates used for TLS encryption. The main difference between the two is where they are used in the TLS handshaking process:
 
  • A keystore is maintained on the server hosting the TLS endpoint. It contains an TLS certificate and private key. When a client connects to the TLS endpoint on the server, the keystore presents the server's certificate (public cert) to the client.

    All servers hosting an TLS endpoint create a keystore for both one-way and two-way, or client, TLS.
  • A truststore contains trusted certificates stored on the client that are used when the client makes an outbound TLS connection to an TLS endpoint. The contents of the truststore are used to validate the identity of the server's certificate being presented to the client.  

    A server typically creates a truststore when configuring two-way TLS. The server maintains its cert and private key in its keystore, and maintains the client's cert in its truststore.
Create a keystore or truststore Detail
/keystores
Verb: POST
Description: Creates a keystore or truststore in an environment.
Media types:
application/json
text/xml
Auth: Basic Auth
Delete a keystore or truststore Detail
/keystores/{keystore_name}
Verb: DELETE
Description: Deletes a keystore or truststore in an environment.
Auth: Basic Auth
List all keystores and truststores Detail
/keystores
Verb: GET
Description: Returns a list of all keystores and truststores in the environment.
Media types:
application/json
text/xml
Auth: Basic Auth
Get a keystore or truststore Detail
/keystores/{keystore_name}
Verb: GET
Description: Returns a specific keystore or truststore in the environment.
Media types:
application/json
text/xml
Auth: Basic Auth
Get cert details from a keystore or truststore Detail
/keystores/{keystore_name}/certs/{cert_name}
Verb: GET
Description: Returns a specific cert from a keystore or truststore.
Media types:
application/json
text/xml
Auth: Basic Auth
Get all certs from a keystore or truststore Detail
/keystores/{keystore_name}/certs
Verb: GET
Description: Returns all certs from a keystore or truststore.
Media types:
application/json
text/xml
Auth: Basic Auth
Delete cert from a keystore or truststore Detail
/keystores/{keystore_name}/certs/{cert_name}
Verb: DELETE
Description: Deletes a cert from a keystore or truststore.
Auth: Basic Auth
Export a cert Detail
/keystores/{keystore_name}/certs/{cert_name}/export
Verb: GET
Description: Export a cert from a keystore or truststore.
Media types:
text
Auth: Basic Auth
Upload a certificate to a truststore Detail
/keystores/{keystore_name}/certs
Verb: POST
Description: Uploads a certificate to a truststore in an environment.
Media types:
application/json
text/xml
Auth: Basic Auth
Upload a JAR file to a keystore Detail
/keystores/{keystore_name}/keys
Verb: PUT
Description: Uploads a JAR file to a keystore in an environment.
Media types:
application/json
text/xml
Auth: Basic Auth

 

Help or comments?