This operation creates a key management server.
Request
Syntax
Send the request using either XML or JSON:
- XML

  POST <webservice>/CommCell/KeyManagementServers HTTP/1.1
  Host: <host name>
  Accept: application/xml
  Authtoken: <authentication token>
  Content-type: application/xml

  <create_key_management_server_template.xml>

- JSON

  POST <webservice>/CommCell/KeyManagementServers HTTP/1.1
  Host: <host name>
  Accept: application/json
  Authtoken: <authentication token>
  Content-type: application/json

  <create_key_management_server_template.json>

where <webservice> is the root path that routes the API requests to the Web Server.
For more information, see Available Web Services for REST API.
Request Headers
Name | Description |
---|---|
Host | The host name of the Web Server or the Web Console that is used in the API request. |
Accept | The format of the response. Valid values are: application/xml or application/json. |
Authtoken | The authentication token that you receive after successfully logging on. For information about receiving an authentication token, see Authentication. |
Content-type | The media type that is contained in the request body. |
Request Body
Download the XML or JSON file required for this request: create_key_management_server_template.xml or create_key_management_server_template.json. The following table displays the parameters for the request body.
Parameter | Description and Parameter Values | Element |
---|---|---|
keyProviderName | The name of the key provider | provider |
keyProviderType | The provider type of the key management server. Valid values are: | keyProvider |
encryptionType | The cipher to use for data encryption. Valid values are: | keyProvider |
encryptionKeyLength | The key length to use with the Advanced Encryption Standard (AES) cipher. Valid values are: | keyProvider |
host | The IP address or hostname of the third-party key management server. If you have a cluster server setup, then specify the host values of all servers, separated by a comma. | properties |
port | The port used by the key management server. If you have a cluster server setup, then all servers must use the same port. | properties |
certFilePath | The location of the client certificate. | properties |
sslPassPhrase | The passphrase of the certificate, if a passphrase is set. | properties |
keyFilePath | The location of the client certificate key. | properties |
caCertFilePath | The location of the key management server certificate authority (CA) certificate. | properties |
regionName | The region where AWS hosts the key management service. | properties |
userName | The AWS Access Key. | userAccount |
password | The AWS Secret Access Key. | userAccount |
passphrase | The passphrase for the passphrase key management server. | userAccount |
clientName | The name of the client that stores the passphrase file for a passphrase key management server. | client |
path | The location to export the passphrase file for a passphrase key management server to. | filePath |
Response
Response Parameters
Parameter | Description | Element |
---|---|---|
errorCode | The possible error codes. Valid values are: | App_GenericKeyProviderResp |
Examples
Sample Request
This request creates a key management server.
XML
POST <webservice>/CommCell/KeyManagementServers HTTP/1.1
Host: client.mydomain.com
Accept: application/xml
Authtoken: QSDK 38568012f4d1e8ee1841d283a47aa3ba78e124ea58354b5fc6
0f4dab8a63347d05cf5552484dafda3bfa4c5db84e580b1cb37bcf8e65b39f7f
8549a443e6f78a2c7be3f31b3d845e24776c835e498e8e883bb40c46bd15af4f
40ca94e823acedcdd4e9659e74b34a07a85c4586cd2ed914b6dce015874783ef7
68fda78183a4208930954a377f66eb56c8b92cexampl4s437a19317ca6ce7f323
3d5a01aca35dbad93468b833f2cf71010809006a937670adce711ca8be46638e8
Content-type: application/xml

<App_AddEncKeyProviderReq>
  <keyProvider>
    <provider>
      <keyProviderName>AWS</keyProviderName>
    </provider>
    <keyProviderType>3</keyProviderType>
    <encryptionType>3</encryptionType>
    <encryptionKeyLength>128</encryptionKeyLength>
    <properties>
      <host></host>
      <port></port>
      <certFilePath></certFilePath>
      <sslPassPhrase></sslPassPhrase>
      <keyFilePath></keyFilePath>
      <caCertFilePath></caCertFilePath>
      <regionName>US East (Ohio)</regionName>
      <userAccount>
        <userName>AKIAJ2N4YJUMDWM2NYEA</userName>
        <password>f09Ly5Vp9gNYTmgWSxSPwz94GDbzQWqXAybYG0PQ</password>
      </userAccount>
      <passphrase></passphrase>
      <passphraseClient>
        <client>
          <clientName></clientName>
        </client>
        <filePath>
          <path></path>
        </filePath>
      </passphraseClient>
    </properties>
  </keyProvider>
</App_AddEncKeyProviderReq>
JSON
POST <webservice>/CommCell/KeyManagementServers HTTP/1.1
Host: client.mydomain.com
Accept: application/json
Authtoken: QSDK 38568012f4d1e8ee1841d283a47aa3ba78e124ea58354b5fc6
0f4dab8a63347d05cf5552484dafda3bfa4c5db84e580b1cb37bcf8e65b39f7f
8549a443e6f78a2c7be3f31b3d845e24776c835e498e8e883bb40c46bd15af4f
40ca94e823acedcdd4e9659e74b34a07a85c4586cd2ed914b6dce015874783ef7
68fda78183a4208930954a377f66eb56c8b92cexampl4s437a19317ca6ce7f323
3d5a01aca35dbad93468b833f2cf71010809006a937670adce711ca8be46638e8
Content-type: application/json

{
  "keyProvider": {
    "provider": { "keyProviderName": "AWS" },
    "keyProviderType": 3,
    "encryptionType": 3,
    "encryptionKeyLength": 128,
    "properties": {
      "regionName": "US East (Ohio)",
      "userAccount": {
        "userName": "AKIAJ2N4YJUMDWM2NYEA",
        "password": "f09Ly5Vp9gNYTmgWSxSPwz94GDbzQWqXAybYG0PQ"
      },
      "passphraseClient": [
        {
          "client": {
          },
          "filePath": {
          }
        }
      ]
    }
  }
}
Sample Response
XML
<App_GenericKeyProviderResp errorCode="0"/>
JSON
{
  "errorCode": 0
}
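
The request body carries the AWS Secret Access Key (and, for other provider types, passphrases), so a client should keep those fields out of logs and off cleartext transport. The following Python sketch is an added example, not part of the original documentation or the vendor's code: it builds the JSON body in the shape of the sample above, masks the secret-bearing fields for logging, and prepares the POST. The function names, the https-only check, and treating errorCode 0 as success (inferred from the sample response) are assumptions of this example.

```python
import json
import urllib.request
from urllib.parse import urlsplit

# Request-body fields that this page documents as carrying secrets.
SECRET_FIELDS = {"password", "passphrase", "sslPassPhrase"}

def build_body(name, region, access_key, secret_key):
    """Request body in the shape of the page's JSON sample (AWS provider)."""
    return {"keyProvider": {
        "provider": {"keyProviderName": name},
        "keyProviderType": 3,        # value taken from the page's sample
        "encryptionType": 3,         # value taken from the page's sample
        "encryptionKeyLength": 128,  # value taken from the page's sample
        "properties": {
            "regionName": region,
            "userAccount": {"userName": access_key, "password": secret_key},
        },
    }}

def redact(obj):
    """Return a copy of a body with non-empty secret fields masked, safe to log."""
    if isinstance(obj, dict):
        return {k: "***" if k in SECRET_FIELDS and v else redact(v)
                for k, v in obj.items()}
    if isinstance(obj, list):
        return [redact(v) for v in obj]
    return obj

def build_request(webservice, authtoken, body):
    """Prepare the POST; reject non-https URLs (a choice made by this example)."""
    if urlsplit(webservice).scheme != "https":
        raise ValueError("webservice must be an https:// URL")
    return urllib.request.Request(
        webservice.rstrip("/") + "/CommCell/KeyManagementServers",
        data=json.dumps(body).encode("utf-8"),
        method="POST",
        headers={"Accept": "application/json", "Authtoken": authtoken,
                 "Content-type": "application/json"},
    )

def succeeded(response_text):
    """True when the JSON response reports errorCode 0 (assumed to mean success)."""
    return json.loads(response_text).get("errorCode") == 0
```

Pass the prepared request to `urllib.request.urlopen` to send it, and log `redact(body)` rather than the body itself.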