RESTful Server Configuration Management Interface for Oracle WebLogic Server

View This Certificate Management

get

/management/weblogic/{version}/serverConfig/securityConfiguration/certificateManagement

View this certificate management.

Request

Path Parameters

version(required): string

The version of the WebLogic REST interface.

Query Parameters

excludeFields: string

The 'excludeFields' query parameter is used to restrict which fields are returned in the response. It is a comma separated list of field names. If present, only fields whose name is not on the list will be returned. If not present, all fields are returned (unless the 'fields' query parameter is specified). Note: 'fields' must not be specified if 'excludeFields' is specified.
excludeLinks: string

The 'excludeLinks' query parameter is used to restrict which links are returned in the response. It is a comma separated list of link relationship names. If present, only links whose relationship name is not on the list will be returned. If not present, all links are returned (unless the 'links' query parameter is specified). Note: 'links' must not be specified if 'excludeLinks' is specified.
fields: string

The 'fields' query parameter is used to restrict which fields are returned in the response. It is a comma separated list of field names. If present, only fields with matching names are returned. If not present, all fields are returned (unless the 'excludeFields' query parameter is specified). Note: 'excludeFields' must not be specified if 'fields' is specified.
links: string

The 'links' query parameter is used to restrict which links are returned in the response. It is a comma separated list of link relationship names. If present, only links with matching relationship names are returned. If not present, all links are returned (unless the 'excludeLinks' query parameter is specified). Note: 'excludeLinks' must not be specified if 'links' is specified.

Security

Admin: basic

Type: basic

Description: A user in the Admin security role.
Deployer: basic

Type: basic

Description: A user in the Deployer security role.
Monitor: basic

Type: basic

Description: A user in the Monitor security role.
Operator: basic

Type: basic

Description: A user in the Operator security role.

Response

Supported Media Types

application/json

200 Response

Returns this certificate management.

This method can return the following links:

rel=certificateIssuerPlugins uri=/management/weblogic/{version}/serverConfig/securityConfiguration/certificateManagement/certificateIssuerPlugins
This resource's certificateIssuerPlugins collection resource.
rel=configurationProperties uri=/management/weblogic/{version}/serverConfig/securityConfiguration/certificateManagement/configurationProperties
This resource's configurationProperties collection resource.

Root Schema : Certificate Management

Type: object

Show Source

certificateAuthorityValidityPeriod: integer(int32)

Minimum Value: 45

Maximum Value: 1825

Default Value: 365

Returns the validity period (certificate lifetime) that the Domain Certificates Issuer should set when generating a new Certificate Authority certificate. The validity period is expressed in days.
certificateCheckInterval: integer(int32)

Minimum Value: 1

Maximum Value: 7

Default Value: 1

Returns the certificate check interval -- how often the Certificate Management Service should check for/refresh expiring certificates (in days).
certificateRefreshWindow: integer(int32)

Minimum Value: 5

Maximum Value: 30

Default Value: 10

Returns the certificate refresh window. The Certificate Management Service will refresh an expiring certificate when its remaining lifetime is less than this number of days.
certificateValidityPeriod: integer(int32)

Minimum Value: 15

Maximum Value: 365

Default Value: 90

Returns the validity period (certificate lifetime) that the Domain Certificates Issuer should set when generating a new certificate. The validity period is expressed in days.
dynamicallyCreated: boolean

Read Only: true

Default Value: false

Return whether the MBean was created dynamically or is persisted to config.xml
enabled: boolean

Default Value: false

Returns true or false to indicate whether the Certificate Management Service is enabled or not.
id: integer(int64)

Read Only: true

Return the unique id of this MBean instance
includeRootCertificateInChain: boolean

Default Value: true

Whether the Domain Certificates Issuer should include the self-signed root CA in the certificate chain for a generated certificate.
javaStandardTrustEnabled: boolean

Default Value: false

Whether or not the domain should trust the Java Standard Trust certificates, in addition to the Domain Certificate Authority certificate(s) and any Provisioned Trust certificates. Java Standard Trust is a collection of well-known, trusted root certificate authorities distributed (and updated) as part of the JDK.
name: string
Read Only: true
The user-specified name of this MBean instance.
This name is included as one of the key properties in the MBean's javax.management.ObjectName
Name=user-specified-name
Constraints
- legal null
notes: string

Optional information that you can include to describe this configuration.
WebLogic Server saves this note in the domain's configuration file (config.xml) as XML PCDATA. All left angle brackets (<) are converted to the xml entity <. Carriage returns/line feeds are preserved.
Note: If you create or edit a note from the Administration Console, the Administration Console does not preserve carriage returns/line feeds.


            
            
            provisionedCertificatesIssuerEnabled: 
            boolean
            
                
                


















Default Value: false







Returns true or false to indicate whether the Provisioned Certificates Issuer is enabled or not.




                
            
            
            
            
            singlePurposeCertificatesEnabled: 
            boolean
            
                
                


















Default Value: false







Returns the single purpose certificates enabled value: whether the Domain Certificates Issuer should generate separate, single-purpose certificates for different purposes (server authentication, client authentication, signing and encryption), or generate one certificate that supports all those purposes.
Constraints
secure default : true




                
            
            
            
            
            subjectAlternativeNames: 
            string
            
                
                


















Default Value: hostname, address, loopback, listen_address_all, virtual_host_all







A space- or comma-separated list of words representing the Subject Alternative Names that the Domain Certificates Issuer should include when generating a server certificate.
Each word must be one of the subject name constants defined by the CertificateConfigurationConstants interface. When generating a certificate, the Certificate Management Service replaces each constant with the corresponding value(s) obtained from the target server's configuration or the host it's running on.
The certificate's CN attribute will be included as a Subject Alternative Name even if it is not explicitly configured here.




                
            
            
            
            
            subjectCommonName: 
            string
            
                
                


















Default Value: hostname



Allowed Values: [
    "hostname",
    "listen_address"
]





The name the Domain Certificates Issuer should use for the CN attribute of a certificate's Subject: either the local hostname (hostname) or the server's listen address (listen_address).
If no listen address is configured for the server, hostname will be used instead, regardless of the value set here.
The CN value will also be added as a Subject Alternative Name (even if it is not explicitly configured as a Subject Alternative Name).




                
            
            
            
            
            tags: 
            array  Items
            
            
                
                
Title: Items





















Return all tags on this Configuration MBean


                
            
            
            
            
            type: 
            string
            
                
                


Read Only: true























Returns the type of the MBean.
Constraints
unharvestable


        {
    "type":"object",
    "properties":{
        "certificateAuthorityValidityPeriod":{
            "default":365,
            "minimum":45,
            "maximum":1825,
            "type":"integer",
            "format":"int32",
            "description":"<p>Returns the validity period (certificate lifetime) that the Domain Certificates Issuer should set when generating a new Certificate Authority certificate. The validity period is expressed in days.</p>"
        },
        "certificateCheckInterval":{
            "default":1,
            "minimum":1,
            "maximum":7,
            "type":"integer",
            "format":"int32",
            "description":"<p>Returns the certificate check interval -- how often the Certificate Management Service should check for/refresh expiring certificates (in days).</p>"
        },
        "certificateRefreshWindow":{
            "default":10,
            "minimum":5,
            "maximum":30,
            "type":"integer",
            "format":"int32",
            "description":"<p>Returns the certificate refresh window. The Certificate Management Service will refresh an expiring certificate when its remaining lifetime is less than this number of days.</p>"
        },
        "certificateValidityPeriod":{
            "default":90,
            "minimum":15,
            "maximum":365,
            "type":"integer",
            "format":"int32",
            "description":"<p>Returns the validity period (certificate lifetime) that the Domain Certificates Issuer should set when generating a new certificate. The validity period is expressed in days.</p>"
        },
        "dynamicallyCreated":{
            "readOnly":true,
            "default":false,
            "type":"boolean",
            "description":"<p>Return whether the MBean was created dynamically or is persisted to config.xml</p>"
        },
        "enabled":{
            "default":false,
            "type":"boolean",
            "description":"<p>Returns true or false to indicate whether the Certificate Management Service is enabled or not.</p>"
        },
        "id":{
            "readOnly":true,
            "type":"integer",
            "format":"int64",
            "description":"<p>Return the unique id of this MBean instance</p>"
        },
        "includeRootCertificateInChain":{
            "default":true,
            "type":"boolean",
            "description":"<p>Whether the Domain Certificates Issuer should include the self-signed root CA in the certificate chain for a generated certificate.</p>"
        },
        "javaStandardTrustEnabled":{
            "default":false,
            "type":"boolean",
            "description":"<p>Whether or not the domain should trust the Java Standard Trust certificates, in addition to the Domain Certificate Authority certificate(s) and any Provisioned Trust certificates. Java Standard Trust is a collection of well-known, trusted root certificate authorities distributed (and updated) as part of the JDK.</p>"
        },
        "name":{
            "readOnly":true,
            "x-weblogic-legalNull":true,
            "type":"string",
            "description":"<p>The user-specified name of this MBean instance.</p><p>This name is included as one of the key properties in the MBean's <code>javax.management.ObjectName</code></p><p><code>Name=<i>user-specified-name</i></code></p><p><h5>Constraints</h5></p><ul><li>legal null</li></ul>"
        },
        "notes":{
            "type":"string",
            "description":"<p>Optional information that you can include to describe this configuration.</p><p>WebLogic Server saves this note in the domain's configuration file (<code>config.xml</code>) as XML PCDATA. All left angle brackets (<) are converted to the XML entity <code>&lt;</code>. Carriage returns/line feeds are preserved.</p><p>Note: If you create or edit a note from the Administration Console, the Administration Console does not preserve carriage returns/line feeds.</p>"
        },
        "provisionedCertificatesIssuerEnabled":{
            "default":false,
            "type":"boolean",
            "description":"<p>Returns true or false to indicate whether the Provisioned Certificates Issuer is enabled or not.</p>"
        },
        "singlePurposeCertificatesEnabled":{
            "x-weblogic-secureDefault":true,
            "default":false,
            "type":"boolean",
            "description":"<p>Returns the single purpose certificates enabled value: whether the Domain Certificates Issuer should generate separate, single-purpose certificates for different purposes (server authentication, client authentication, signing and encryption), or generate one certificate that supports all those purposes.</p><p><h5>Constraints</h5></p><ul><li>secure default : true</li></ul>"
        },
        "subjectAlternativeNames":{
            "default":"hostname, address, loopback, listen_address_all, virtual_host_all",
            "type":"string",
            "description":"<p>A space- or comma-separated list of words representing the Subject Alternative Names that the Domain Certificates Issuer should include when generating a server certificate.</p><p>Each word must be one of the subject name constants defined by the CertificateConfigurationConstants interface. When generating a certificate, the Certificate Management Service replaces each constant with the corresponding value(s) obtained from the target server's configuration or the host it's running on.</p><p>The certificate's CN attribute will be included as a Subject Alternative Name even if it is not explicitly configured here.</p>"
        },
        "subjectCommonName":{
            "default":"hostname",
            "enum":[
                "hostname",
                "listen_address"
            ],
            "type":"string",
            "description":"<p>The name the Domain Certificates Issuer should use for the CN attribute of a certificate's Subject: either the local hostname (<code>hostname</code>) or the server's listen address (<code>listen_address</code>).</p><p>If no listen address is configured for the server, hostname will be used instead, regardless of the value set here.</p><p>The CN value will also be added as a Subject Alternative Name (even if it is not explicitly configured as a Subject Alternative Name).</p>"
        },
        "tags":{
            "title":"Items",
            "type":"array",
            "items":{
                "type":"string",
                "description":""
            },
            "description":"<p>Return all tags on this Configuration MBean</p>"
        },
        "type":{
            "readOnly":true,
            "x-weblogic-unharvestable":true,
            "type":"string",
            "description":"<p>Returns the type of the MBean.</p><p><h5>Constraints</h5></p><ul><li>unharvestable</li></ul>"
        }
    },
    "description":""
}



                    
                    
    Nested Schema : Items
    
      
      Type: array
    

    

    
    Title: Items
    

    

    

    

    

    

    

    

    

    

    

    

    

    

    

    

    

    

    

    

    
    Return all tags on this Configuration MBean
    

    

    

    
    
        Show Source
        
            
            
            Array of: 
                string
            
            
                
                





























                
            
            
            
        
        {
    "title":"Items",
    "type":"array",
    "items":{
        "type":"string",
        "description":""
    },
    "description":"<p>Return all tags on this Configuration MBean</p>"
}


                

				Back to Top