Create Or Update Certificate
PUT {{gateway}}/certificates/:certificateId
Create Or Update Certificate konghq
- A certificate object represents a public certificate, and can be optionally paired with the corresponding private key. These objects are used by Kong to handle SSL/TLS termination for encrypted requests, or for use as a trusted CA store when validating peer certificate of client/service. Certificates are optionally associated with SNI objects to tie a cert/key pair to one or more hostnames.
- If intermediate certificates are required in addition to the main certificate, they should be concatenated together into one string according to the following order: main certificate on the top, followed by any intermediates.
Certificates can be both tagged and filtered by tags.
Inserts (or replaces) the Certificate under the requested resource with the definition specified in the body. The Certificate will be identified via the name or id attribute.
When the name or id attribute has the structure of a UUID, the Certificate being inserted/replaced will be identified by its id. Otherwise it will be identified by its name.
When creating a new Certificate without specifying id (neither in the URL nor in the body), then it will be auto-generated.
Notice that specifying a name in the URL and a different one in the request body is not allowed.
Path parameters
| Attributes | Mandatory | Type | Description |
|---|---|---|---|
| certificate id | required | path | The unique identifier of the Certificate to create or update. |
Request Body
| Attributes | Mandatory | Type | Description |
|---|---|---|---|
| cert | required | body | PEM-encoded public certificate chain of the SSL key pair. |
| key | required | body | PEM-encoded private key of the SSL key pair. |
| tags | optional | body | An optional set of strings associated with the Certificate, for grouping and filtering. |
| snis | optional | body | An array of zero or more hostnames to associate with this certificate as SNIs. This is a sugar parameter that will, under the hood, create an SNI object and associate it with this certificate for your convenience. To set this attribute this certificate must have a valid private key associated with it. |
Request Body
{"cert"=>"-----BEGIN CERTIFICATE-----...", "key"=>"-----BEGIN RSA PRIVATE KEY-----...", "tags"=>["user-level", "low-priority"]}
HEADERS
| Key | Datatype | Required | Description |
|---|---|---|---|
Content-Type | string |