Manage keys
- Updated: 2020/05/12
Manage keys
As a user with the AAE_Admin
role, you can use the Credential Vault API to generate, save, check the status of, and apply keys.
Generate a Public/Private key pair after a fresh Control Room installation
This URL can only be used after a fresh installation. After generating the key pair, use the following URL to save the keys. Once the keys are saved, no more keys can be generated for this Control Room.
POST http://<your_control_room_url>/v2/credentialvault/keys
Response:
{
"privateKey": "string",
"publicKey": "string"
}
Save a Public/Private key pair and mode after a Public/Private key pair is generated
Use the URL above to generate a Public/Private key pair, then use this endpoint to
save the key pair. This URL generates a Data encryption key and opens the Credential Vault.
Note: New keys cannot be generated after a key pair
is saved.
PUT http://<your_control_room_url>/v2/credentialvault/keys
Body parameters:
Field | Required | Description |
---|---|---|
publicKey
|
Required | Provides the Public key from the key pair generated with the URL above. |
privateKey
|
Required | Provides the Private key from the key pair generated with the URL above. |
mode
|
Required | Specifies the Credential Vault mode. Possible values: Express or Custom |
Response:
204 Keys are saved
Check if Private key has been applied or not
Use this endpoint to check the Credential Vault status. If the Private key has been applied, the Credential Vault is unlocked.
GET http://<your_control_room_url>/v2/credentialvault/keys/private
Response: The response returns if the Private key has been applied or not.
{
"applied": true/false
}
Apply Private key to unlock the Credential Vault after restarting the Control Room in manual mode
PUT http://<your_control_room_url>/v2/credentialvault/keys/private
Body parameters:
Field | Required | Description |
---|---|---|
privateKey
|
Required | Unlocks the Credential Vault using the private key that was generated after Control Room installation. See Generate Private/Public key pair |
Response:
Private key has been successfully applied
Retrieve RSA Public key encoded with Base64.
GET http://<your_control_room_url>/v2/credentialvault/keys/transport/public
Response:
{
"publicKey": "string"
}