Skip To Content

Generate Certificate

Description

This operation can be used to create a self-signed certificate or as a starting point for getting a production-ready CA-signed certificate. The portal will generate a certificate for you and store it in its keystore.

Note:

This operation is not accessible for highly available portals. In such instances, a counterpart Generate Certificate operation should be used in its place. For more information on high availability, see Import a certificate into the portal.

Request parameters

ParameterDetails
alias

(Required)

The name of the certificate.

Example

alias=myselfsignedcertificate
keyAlg

The algorithm used to generate the key pairs. The default is RSA.

Example

keyAlg=RSA
keySize

The size of the key. The default is 1024.

Example

keySize=2048
sigAlg

The algorithm used to sign the self-signed certificates. The default is derived from the keyalg parameter.

Example

sigAlg=SHA256withRSA
cn

(Required)

The common name used to identify the server for which the certificate is to be generated.

Example

cn=SERVER.DOMAIN.COM
orgUnit

The department in which this server resides.

Example

orgUnit=development
org

(Required)

The name of the organization.

Example

org=DOMAIN.COM
city

The name of the city.

Example

city=Buffalo
state

The name of the state.

Example

state=NY
country

The two-letter abbreviation for the country.

Example

country=US
validity

The expiration time for the certificate in days. The default is 90.

Example

validity=120
san

The certificate's Subject Alternative Name. This value can be a machine name or an IP address, but it must be prefixed by either DNS: or IP:. Multiple values are supported, and must be separated by a comma without any spaces.

Example

san=DNS:SERVER.DOMAIN.COM
f

The response format. The default response format is html.

Values: html | json | pjson

Example usage

Below is a sample request URL for generateCertificate:


POST /webadaptor/portaladmin/security/sslCertificates/generate HTTP/1.1
Host: machine.domain.com
Content-Type: application/x-www-form-urlencoded
Content-Length: []

alias=mycert&keyAlg=RSA&keySize=2048&sigAlg=SHA256withRSA&cn=MACHINE.ESRI.COM&orgUnit=Development&org=ESRI&city=Redlands&state=California&country=US&validity=90&san=DNS:machine.esri.com

JSON Response example

{"status": "success"}