Search (SHIFT+S)
ECS Management API
ECS Object Service API
-
Amazon S3
- S3 Bucket
- S3 Bucket ACL
- S3 Bucket Cors
- S3 Bucket Is Stale Allowed
- S3 Bucket Lifecycle
- S3 Bucket List Uploads
- S3 Bucket Location
- S3 Bucket Policy
- S3 Bucket Versioning
- S3 Bucket Versions
- S3 Data Node
- S3 Metadata Key List
- S3 Metadata Key System List
- S3 Metadata Search
- S3 Multi Object Delete
- S3 Object
- S3 Object ACL
- S3 Object Init Uploads
- S3 Object Replication Info Operations
- S3 Object Tagging Operations
- S3 Object Uploads
- S3 Options
- S3 Ping
- S3 Retention Update Operation
- EMC Atmos
- OpenStack Swift
ECS API Changes
Modified since last release
Set Key Certificate Pair
PUT /object-cert/keystore
Sets private key and certificate pair. The new certificate and key will be rotated into all of the nodes within 1 hour.
Required Roles
SECURITY_ADMIN
Request Payload
All parameters are required unless otherwise stated.
| Field | Description | Type | Notes |
| rotate_keycertchain | |||
| ip_addresses | Key and certificate parameter IP addresses. The IP addresses are taken into account only if system_selfsigned is set to true. i.e, User wants the system to generate a new self-signed certificate. | ||
| ip_address | String |
0-* Elements |
|
| system_selfsigned | Set true if the new certificate is self signed, false otherwise. | Boolean |
Valid Values:
|
| key_and_certificate | |||
| private_key | The private key used to sign the certificate in PEM format. | String | |
| certificate_chain | New certificate for the nodes in PEM format. For certificates signed by an intermediate CA (most are), the intermediate certificate(s) should be concatenated to the text string, also in PEM format. | String |
Response Body
New certificate chain used by Object Service.
| Field | Description | Type | Notes |
| certificate_chain | |||
| chain | Keystore certificate chain in PEM format | String |
Examples
Request
PUT https://192.168.0.0:4443/object-cert/keystore HTTP/1.1
Content-Type: application/xml
X-SDS-AUTH-TOKEN: <AUTH_TOKEN>
<rotate_keycertchain>
<ip_addresses>
<ip_address>x.x.x.x</ip_address>
</ip_addresses>
<system_selfsigned>true</system_selfsigned>
<key_and_certificate>
<private_key>key</private_key>
<certificate_chain>chain</certificate_chain>
</key_and_certificate>
</rotate_keycertchain>
Response
HTTP/1.1 200 OK
Content-Type: application/xml
<certificate_chain>
<chain>-----BEGIN CERTIFICATE-----
MIIDCDCCAfCgAwIBAgIICyp+EVCTPAwwDQYJKoZIhvcNAQELBQAwFjEUMBIGA1UE
AxMLRGF0YVNlcnZpY2UwHhcNMTUwMjI1MDM1NzE2WhcNMjUwMjIyMDM1NzE2WjAW
MRQwEgYDVQQDEwtEYXRhU2VydmljZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
AQoCggEBAKWPajocJQR+oT4JjUTjJStWLh52lFQkUH0yOUrio4GmWAugBWOivNkb
XOfMRG5g56DuYWMToH4BRnz9bjFmYAO2/ZuutBzVgRGAtrD1Fv9WDl3ZkZeC813X
yTkCxaik+CKBr8hae8P3XH0AzpUcY+ls/msWZgiItTDACnKULNWVI9w9akKjTM9e
Y2etG5c3r/37CJokMh2pBZAnS3cJKmzWc98dqxLun74pi43kNOjz8oybjTfav0EW
NFRASngJT+sHmKasX5QD5p3x2I0layV6b0fR0WWbHcg6av8VkicjFWnuyPFlkr7j
/5F71zZ8u3VDL7KdK6WSPpsL2GxdW6UCAwEAAaNaMFgwHwYDVR0jBBgwFoAUGw2z
BFpglBs/yR4efJVndgWJltYwFgYDVR0RBA8wDYIFdmlwcjGHBAr3s+4wHQYDVR0O
BBYEFBsNswRaYJQbP8keHnyVZ3YFiZbWMA0GCSqGSIb3DQEBCwUAA4IBAQApBtos
sAdBxlXZXSOejbvRq5g5KjzxkwsrNPFCWOs/4KL7dR41GvkHRvxe6Uxc1cgWhrJH
WXPVlvkadZqSle3Dt7+8MolXQU+ScS8wKUu8wV5HdFb3FDRdROQvTQoUB9AAHUOt
8BXwRNCvFby4NubrlsoFEGN/K/96ecF7N5Nnj/9BydkjPQniLt/SfToPKUjrqXvQ
MJmuXySwKh2j39w+G1fP2IqnwhPgtsb8nZuPDIrzt+nUvNttFPiP7QRaiIaHR8ni
WRhCVyEoYvgUtU/8iIvPx0AdW1PbigVvXckg5DvyrnTjIVQ18oM4yVpc1ACEeUiJ
p9L2ulXuACkiAUJ0
-----END CERTIFICATE-----</chain>
</certificate_chain>