Upload and Retrieve the Root Certificate (original) (raw)

For the POST method, success gives 200 OK, and returns the readable text of the uploaded certificate. Additionally, warnings may be displayed — for example, if the root certificate is uploaded (as may be expected) prior to the uploading of corresponding node certificates (whereby the current node certificates have not been signed by the new root), the warning may be as follows: [{"node":"ns_1@127.0.0.1","message":"Certificate is not signed with cluster CA."}]. Failure to authenticate gives 401 Unauthorized. An incorrectly specified URI fails with 404 Object Not Found. Failure to specify an appropriately configured certificate fails with 400 Bad Request and the notification {"error":"Malformed certificate"} (the message Couldn’t read data from file may also be displayed). An incorrectly specified IP address or domain name causes the attempted connection to time out, with a Failed to connect notification.

If GET /pools/default/certificates, which is deprecated in version 7.1, is used on a cluster with more than one root CA, 400 Bad Request is returned, with the following error message: deprecated, please use /pools/default/trustedCAs.

If the POST method and /controller/uploadClusterCA URI (which are deprecated in 7.1) is used from a host other than localhost, 400 Bad Request is returned, with the following error message:API is accessible from localhost only (this behavior can be changed by means of POST /settings/security/allowNonLocalCACertUpload, see documentation for details).

For the GET method and /pools/default/certificate URI, success gives 200 OK, and returns the readable text of the uploaded certificate. Failure to authenticate gives 401 Unauthorized. A malformed URI fails, with 404 Object Not Found. An incorrectly specified IP address or domain name causes the attempted connection to time out, with a Failed to connect notification.