- URL:https://<sslCertificates-url>/ generateCertificate(POST only)
- Required Capability:Single machine environment | Default administrator role | Security and infrastructure privilege
- Version Introduced:10.3
Description
This operation can be used to create a self-signed certificate or as a starting point for getting a production-ready CA-signed certificate. The portal will generate a certificate for you and store it in its keystore.
Note:
This operation is not accessible for highly available portals. In such instances, a counterpart Generate Certificate operation should be used in its place. For more information on high availability, see Import a certificate into the portal.
Request parameters
| Parameter | Details |
|---|---|
| alias (Required) | The name of the certificate. Example |
| keyAlg | The algorithm used to generate the key pairs. The default is RSA. Example |
| keySize | The size of the key. The default is 1024. Example |
| sigAlg | The algorithm used to sign the self-signed certificates. The default is derived from the keyalg parameter. Example |
| cn (Required) | The common name used to identify the server for which the certificate is to be generated. Example |
| orgUnit | The department in which this server resides. Example |
| org (Required) | The name of the organization. Example |
| city | The name of the city. Example |
| state | The name of the state. Example |
| country | The two-letter abbreviation for the country. Example |
| validity | The expiration time for the certificate in days. The default is 90. Example |
| san | The certificate's Subject Alternative Name. This value can be a machine name or an IP address, but it must be prefixed by either DNS: or IP:. Multiple values are supported, and must be separated by a comma without any spaces. Example |
| f | The response format. The default response format is html. Values: html | json | pjson |
Example usage
Below is a sample request URL for generateCertificate:
POST /webadaptor/portaladmin/security/sslCertificates/generate HTTP/1.1
Host: machine.domain.com
Content-Type: application/x-www-form-urlencoded
Content-Length: []
alias=mycert&keyAlg=RSA&keySize=2048&sigAlg=SHA256withRSA&cn=MACHINE.ESRI.COM&orgUnit=Development&org=ESRI&city=Redlands&state=California&country=US&validity=90&san=DNS:machine.esri.com
JSON Response example
{"status": "success"}