Create Key with PKCS12 File
POST {{apiPath}}/environments/{{envID}}/keysThe POST {{apiPath}}/environments/{{envID}}/keys operation creates a new key resource for the specified environment. It creates a key from an upload of a PKSCS12 file. Properties returned in the response are parsed from the uploaded file.
The PKSCS12 file can be encrypted or unencrypted. If the file is encrypted without a specified export password, an INVALID_DATA error is returned.
This operation also supports the application/x-pkcs12-certificates media type to upload a pkcs12 file instead of posting the key attributes in the request body.
The response returns a 201 Created message and shows the certificate data parsed from the uploaded certificate file.
Prerequisites
-
Refer to Certificate Management for important overview information.
Example Request
-
cURL
-
C#
-
Go
-
HTTP
-
Java
-
jQuery
-
NodeJS
-
Python
-
PHP
-
Ruby
-
Swift
curl --location --globoff '{{apiPath}}/environments/{{envID}}/keys' \
--header 'Authorization: Bearer {{accessToken}}' \
--form 'file=@"/Users/kbentley/Downloads/keyStore.p12"' \
--form 'usageType="ENCRYPTION"' \
--form 'password="Optional for encrypted files"'var options = new RestClientOptions("{{apiPath}}/environments/{{envID}}/keys")
{
MaxTimeout = -1,
};
var client = new RestClient(options);
var request = new RestRequest("", Method.Post);
request.AddHeader("Authorization", "Bearer {{accessToken}}");
request.AlwaysMultipartFormData = true;
request.AddFile("file", "/Users/kbentley/Downloads/keyStore.p12");
request.AddParameter("usageType", "ENCRYPTION");
request.AddParameter("password", "Optional for encrypted files");
RestResponse response = await client.ExecuteAsync(request);
Console.WriteLine(response.Content);package main
import (
"fmt"
"bytes"
"mime/multipart"
"os"
"path/filepath"
"net/http"
"io"
)
func main() {
url := "{{apiPath}}/environments/{{envID}}/keys"
method := "POST"
payload := &bytes.Buffer{}
writer := multipart.NewWriter(payload)
file, errFile1 := os.Open("/Users/kbentley/Downloads/keyStore.p12")
defer file.Close()
part1,
errFile1 := writer.CreateFormFile("file",filepath.Base("/Users/kbentley/Downloads/keyStore.p12"))
_, errFile1 = io.Copy(part1, file)
if errFile1 != nil {
fmt.Println(errFile1)
return
}
_ = writer.WriteField("usageType", "ENCRYPTION")
_ = writer.WriteField("password", "Optional for encrypted files")
err := writer.Close()
if err != nil {
fmt.Println(err)
return
}
client := &http.Client {
}
req, err := http.NewRequest(method, url, payload)
if err != nil {
fmt.Println(err)
return
}
req.Header.Add("Authorization", "Bearer {{accessToken}}")
req.Header.Set("Content-Type", writer.FormDataContentType())
res, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer res.Body.Close()
body, err := io.ReadAll(res.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}POST /environments/{{envID}}/keys HTTP/1.1
Host: {{apiPath}}
Authorization: Bearer {{accessToken}}
Content-Length: 418
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary7MA4YWxkTrZu0gW
------WebKitFormBoundary7MA4YWxkTrZu0gW
Content-Disposition: form-data; name="file"; filename="keyStore.p12"
Content-Type: <Content-Type header here>
(data)
------WebKitFormBoundary7MA4YWxkTrZu0gW
Content-Disposition: form-data; name="usageType"
ENCRYPTION
------WebKitFormBoundary7MA4YWxkTrZu0gW
Content-Disposition: form-data; name="password"
Optional for encrypted files
------WebKitFormBoundary7MA4YWxkTrZu0gW--OkHttpClient client = new OkHttpClient().newBuilder()
.build();
MediaType mediaType = MediaType.parse("text/plain");
RequestBody body = new MultipartBody.Builder().setType(MultipartBody.FORM)
.addFormDataPart("file","keyStore.p12",
RequestBody.create(MediaType.parse("application/octet-stream"),
new File("/Users/kbentley/Downloads/keyStore.p12")))
.addFormDataPart("usageType","ENCRYPTION")
.addFormDataPart("password","Optional for encrypted files")
.build();
Request request = new Request.Builder()
.url("{{apiPath}}/environments/{{envID}}/keys")
.method("POST", body)
.addHeader("Authorization", "Bearer {{accessToken}}")
.addHeader("Content-Length", "")
.build();
Response response = client.newCall(request).execute();var form = new FormData();
form.append("file", fileInput.files[0], "keyStore.p12");
form.append("usageType", "ENCRYPTION");
form.append("password", "Optional for encrypted files");
var settings = {
"url": "{{apiPath}}/environments/{{envID}}/keys",
"method": "POST",
"timeout": 0,
"headers": {
"Authorization": "Bearer {{accessToken}}",
"Content-Length": ""
},
"processData": false,
"mimeType": "multipart/form-data",
"contentType": false,
"data": form
};
$.ajax(settings).done(function (response) {
console.log(response);
});var request = require('request');
var fs = require('fs');
var options = {
'method': 'POST',
'url': '{{apiPath}}/environments/{{envID}}/keys',
'headers': {
'Authorization': 'Bearer {{accessToken}}',
'Content-Length': ''
},
formData: {
'file': {
'value': fs.createReadStream('/Users/kbentley/Downloads/keyStore.p12'),
'options': {
'filename': 'keyStore.p12',
'contentType': null
}
},
'usageType': 'ENCRYPTION',
'password': 'Optional for encrypted files'
}
};
request(options, function (error, response) {
if (error) throw new Error(error);
console.log(response.body);
});import requests
url = "{{apiPath}}/environments/{{envID}}/keys"
payload = {'usageType': 'ENCRYPTION',
'password': 'Optional for encrypted files'}
files=[
('file',('keyStore.p12',open('/Users/kbentley/Downloads/keyStore.p12','rb'),'application/octet-stream'))
]
headers = {
'Authorization': 'Bearer {{accessToken}}',
'Content-Length': ''
}
response = requests.request("POST", url, headers=headers, data=payload, files=files)
print(response.text)<?php
require_once 'HTTP/Request2.php';
$request = new HTTP_Request2();
$request->setUrl('{{apiPath}}/environments/{{envID}}/keys');
$request->setMethod(HTTP_Request2::METHOD_POST);
$request->setConfig(array(
'follow_redirects' => TRUE
));
$request->setHeader(array(
'Authorization' => 'Bearer {{accessToken}}',
'Content-Length' => ''
));
$request->addPostParameter(array(
'usageType' => 'ENCRYPTION',
'password' => 'Optional for encrypted files'
));
$request->addUpload('file', '/Users/kbentley/Downloads/keyStore.p12', 'keyStore.p12', '<Content-Type Header>');
try {
$response = $request->send();
if ($response->getStatus() == 200) {
echo $response->getBody();
}
else {
echo 'Unexpected HTTP status: ' . $response->getStatus() . ' ' .
$response->getReasonPhrase();
}
}
catch(HTTP_Request2_Exception $e) {
echo 'Error: ' . $e->getMessage();
}require "uri"
require "net/http"
url = URI("{{apiPath}}/environments/{{envID}}/keys")
http = Net::HTTP.new(url.host, url.port);
request = Net::HTTP::Post.new(url)
request["Authorization"] = "Bearer {{accessToken}}"
request["Content-Length"] = ""
form_data = [['file', File.open('/Users/kbentley/Downloads/keyStore.p12')],['usageType', 'ENCRYPTION'],['password', 'Optional for encrypted files']]
request.set_form form_data, 'multipart/form-data'
response = http.request(request)
puts response.read_bodylet parameters = [
[
"key": "file",
"src": "/Users/kbentley/Downloads/keyStore.p12",
"type": "file"
],
[
"key": "usageType",
"value": "ENCRYPTION",
"type": "text"
],
[
"key": "password",
"value": "Optional for encrypted files",
"type": "text"
]] as [[String: Any]]
let boundary = "Boundary-\(UUID().uuidString)"
var body = Data()
var error: Error? = nil
for param in parameters {
if param["disabled"] != nil { continue }
let paramName = param["key"]!
body += Data("--\(boundary)\r\n".utf8)
body += Data("Content-Disposition:form-data; name=\"\(paramName)\"".utf8)
if param["contentType"] != nil {
body += Data("\r\nContent-Type: \(param["contentType"] as! String)".utf8)
}
let paramType = param["type"] as! String
if paramType == "text" {
let paramValue = param["value"] as! String
body += Data("\r\n\r\n\(paramValue)\r\n".utf8)
} else {
let paramSrc = param["src"] as! String
let fileURL = URL(fileURLWithPath: paramSrc)
if let fileContent = try? Data(contentsOf: fileURL) {
body += Data("; filename=\"\(paramSrc)\"\r\n".utf8)
body += Data("Content-Type: \"content-type header\"\r\n".utf8)
body += Data("\r\n".utf8)
body += fileContent
body += Data("\r\n".utf8)
}
}
}
body += Data("--\(boundary)--\r\n".utf8);
let postData = body
var request = URLRequest(url: URL(string: "{{apiPath}}/environments/{{envID}}/keys")!,timeoutInterval: Double.infinity)
request.addValue("Bearer {{accessToken}}", forHTTPHeaderField: "Authorization")
request.addValue("", forHTTPHeaderField: "Content-Length")
request.addValue("multipart/form-data; boundary=\(boundary)", forHTTPHeaderField: "Content-Type")
request.httpMethod = "POST"
request.httpBody = postData
let task = URLSession.shared.dataTask(with: request) { data, response, error in
guard let data = data else {
print(String(describing: error))
return
}
print(String(data: data, encoding: .utf8)!)
}
task.resume()Example Response
201 Created
{
"_links": {
"self": {
"href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/keys/611b9a62-048b-4821-b636-d024e3b91145"
}
},
"id": "611b9a62-048b-4821-b636-d024e3b91145",
"serialNumber": 12737138739537859429,
"subjectDN": "O=ping, ST=Some-State, C=CA",
"issuerDN": "O=ping, ST=Some-State, C=CA",
"algorithm": "RSA",
"keyLength": 4096,
"createdAt": "2020-12-16T20:26:46.540Z",
"startsAt": "2020-12-16T19:20:35.000Z",
"expiresAt": "2030-12-14T19:20:35.000Z",
"validityPeriod": 3650,
"signatureAlgorithm": "SHA256withRSA",
"usageType": "ENCRYPTION",
"status": "VALID",
"organization": {
"id": "bed432e6-676a-4ebe-b5a5-6b3b54e46bda"
},
"environment": {
"id": "abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6"
},
"default": false
}