This operation creates a key management server.
Request
Syntax
Send the request using either XML or JSON:
XML
POST <webservice>/CommCell/KeyManagementServers HTTP/1.1
Host: <host name>
Accept: application/xml
Authtoken: <authentication token>
Content-type: application/xml
<create_key_management_server_template.xml>
JSON
POST <webservice>/CommCell/KeyManagementServers HTTP/1.1
Host: <host name>
Accept: application/json
Authtoken: <authentication token>
Content-type: application/json
<create_key_management_server_template.json>
where <webservice> is the root path that routes the API requests to the Web Server.
For more information, see Available Web Services for REST API.
Request Headers
Name | Description |
---|---|
Host | The host name of the Web Server or the Web Console that is used in the API request. |
Accept | The format of the response. Valid values are: application/xml or application/json. |
Authtoken | The authentication token that you receive after successfully logging on. For information about receiving an authentication token, see Authentication. |
Content-type | The media type that is contained in the request body. |
Request Body
Download the XML or JSON file required for this request: create_key_management_server_template.xml or create_key_management_server_template.json. The following table displays the parameters for the request body.
Parameter | Description and Parameter Values | Element |
---|---|---|
keyProviderName | The name of the key provider | provider |
keyProviderType | The provider type of the key management server. Valid values are: | keyProvider |
encryptionType | The cipher to use for data encryption. Valid values are: | keyProvider |
encryptionKeyLength | The key length to use with the Advanced Encryption Standard (AES) cipher. Valid values are: | keyProvider |
host | The IP address or hostname of the third-party key management server. If you have a cluster server setup, then specify the host values of all servers, separated by a comma. | properties |
port | The port used by the key management server. If you have a cluster server setup, then all servers must use the same port. | properties |
certFilePath | The location of the client certificate. | properties |
sslPassPhrase | The passphrase of the certificate, if a passphrase is set. | properties |
keyFilePath | The location of the client certificate key. | properties |
caCertFilePath | The location of the key management server certificate authority (CA) certificate. | properties |
regionName | The region where AWS hosts the key management service. | properties |
userName | The AWS Access Key. | userAccount |
password | The AWS Secret Access Key. | userAccount |
passphrase | The passphrase for the passphrase key management server. | userAccount |
clientName | The name of the client that stores the passphrase file for a passphrase key management server. | client |
path | The location to export the passphrase file for a passphrase key management server to. | filePath |
Response
Response Parameters
Parameter | Description | Element |
---|---|---|
errorCode | The possible error codes. Valid values are: | App_GenericKeyProviderResp |
Examples
Sample Request
This request creates a key management server.
XML
POST <webservice>/CommCell/KeyManagementServers HTTP/1.1
Host: client.mydomain.com
Accept: application/xml
Authtoken: QSDK 38568012f4d1e8ee1841d283a47aa3ba78e124ea58354b5fc6
0f4dab8a63347d05cf5552484dafda3bfa4c5db84e580b1cb37bcf8e65b39f7f
8549a443e6f78a2c7be3f31b3d845e24776c835e498e8e883bb40c46bd15af4f
40ca94e823acedcdd4e9659e74b34a07a85c4586cd2ed914b6dce015874783ef7
68fda78183a4208930954a377f66eb56c8b92cexampl4s437a19317ca6ce7f323
3d5a01aca35dbad93468b833f2cf71010809006a937670adce711ca8be46638e8
Content-type: application/xml
<App_AddEncKeyProviderReq>
  <keyProvider>
    <provider>
      <keyProviderName>AWS</keyProviderName>
    </provider>
    <keyProviderType>3</keyProviderType>
    <encryptionType>3</encryptionType>
    <encryptionKeyLength>128</encryptionKeyLength>
    <properties>
      <host></host>
      <port></port>
      <certFilePath></certFilePath>
      <sslPassPhrase></sslPassPhrase>
      <keyFilePath></keyFilePath>
      <caCertFilePath></caCertFilePath>
      <regionName>US East (Ohio)</regionName>
      <userAccount>
        <userName>AKIAJ2N4YJUMDWM2NYEA</userName>
        <password>f09Ly5Vp9gNYTmgWSxSPwz94GDbzQWqXAybYG0PQ</password>
      </userAccount>
      <passphrase></passphrase>
      <passphraseClient>
        <client>
          <clientName></clientName>
        </client>
        <filePath>
          <path></path>
        </filePath>
      </passphraseClient>
    </properties>
  </keyProvider>
</App_AddEncKeyProviderReq>
JSON
POST <webservice>/CommCell/KeyManagementServers HTTP/1.1
Host: client.mydomain.com
Accept: application/json
Authtoken: QSDK 38568012f4d1e8ee1841d283a47aa3ba78e124ea58354b5fc6
0f4dab8a63347d05cf5552484dafda3bfa4c5db84e580b1cb37bcf8e65b39f7f
8549a443e6f78a2c7be3f31b3d845e24776c835e498e8e883bb40c46bd15af4f
40ca94e823acedcdd4e9659e74b34a07a85c4586cd2ed914b6dce015874783ef7
68fda78183a4208930954a377f66eb56c8b92cexampl4s437a19317ca6ce7f323
3d5a01aca35dbad93468b833f2cf71010809006a937670adce711ca8be46638e8
Content-type: application/json
{
  "keyProvider": {
    "provider": { "keyProviderName": "AWS" },
    "keyProviderType": 3,
    "encryptionType": 3,
    "encryptionKeyLength": 128,
    "properties": {
      "regionName": "US East (Ohio)",
      "userAccount": {
        "userName": "AKIAJ2N4YJUMDWM2NYEA",
        "password": "f09Ly5Vp9gNYTmgWSxSPwz94GDbzQWqXAybYG0PQ"
      },
      "passphraseClient": [
        {
          "client": {},
          "filePath": {}
        }
      ]
    }
  }
}
Sample Response
XML
<App_GenericKeyProviderResp errorCode="0"/>
JSON
{
  "errorCode": 0
}
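The following Python sketch is an added example, not part of the original documentation or the vendor's code. It builds the JSON body shown in the sample request from credentials supplied at run time, masks the secret-bearing fields (password, passphrase, sslPassPhrase) before the body is logged, and reads errorCode from either response format. The function names are hypothetical, and the numeric defaults are copied from the sample request.

```python
import json
import xml.etree.ElementTree as ET

# Secret-bearing parameters from the request body table above.
SECRET_FIELDS = {"password", "passphrase", "sslPassPhrase"}


def build_aws_kms_body(name, region, access_key, secret_key,
                       provider_type=3, encryption_type=3, key_length=128):
    """Build the JSON request body; numeric defaults mirror the sample request."""
    if not (access_key and secret_key):
        raise ValueError("AWS credentials must be supplied at run time")
    return {"keyProvider": {
        "provider": {"keyProviderName": name},
        "keyProviderType": provider_type,
        "encryptionType": encryption_type,
        "encryptionKeyLength": key_length,
        "properties": {
            "regionName": region,
            "userAccount": {"userName": access_key, "password": secret_key},
        },
    }}


def redact(node):
    """Return a copy of the body with non-empty secret fields masked for logging."""
    if isinstance(node, dict):
        return {k: "***" if k in SECRET_FIELDS and v else redact(v)
                for k, v in node.items()}
    if isinstance(node, list):
        return [redact(item) for item in node]
    return node


def error_code(response_text, content_type):
    """Extract errorCode from the XML or JSON form shown under Sample Response."""
    if "json" in content_type:
        return int(json.loads(response_text)["errorCode"])
    root = ET.fromstring(response_text)
    if root.tag != "App_GenericKeyProviderResp":
        raise ValueError("unexpected response element: " + root.tag)
    return int(root.attrib["errorCode"])


if __name__ == "__main__":
    # Constructed placeholder credentials; read real ones from a secrets store.
    body = build_aws_kms_body("AWS", "US East (Ohio)",
                              "ACCESS-KEY-PLACEHOLDER", "SECRET-KEY-PLACEHOLDER")
    print(json.dumps(redact(body), indent=2))
    print(error_code('<App_GenericKeyProviderResp errorCode="0"/>', "application/xml"))
```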