All supported versions of the API Gateway
1. Ensure Restman service is published
https://techdocs.broadcom.com/us/en/ca-enterprise-software/layer7-api-management/api-gateway/10-1/apis-and-toolkits/rest-management-api.html
2. Access Restman document
After you publish the Restman service, you can get the Help documentation from:
https://<GATEWAY_HOST>:8443/restman/1.0/doc/restDoc.html#1.0/trustedCertificates
3. Build the payload to create/update a certificate
As per #2, it requires the l7:TrustedCertificate element. Below is an example of the "l7:TrustedCertificate" payload:
<l7:TrustedCertificate xmlns:l7="http://ns.l7tech.com/2010/04/gateway-management">
<l7:Name>CERTIFICATE_NAME</l7:Name>
<l7:CertificateData>
<l7:Encoded>BASE64_ENCODED_x509_CERT_DATA</l7:Encoded>
</l7:CertificateData>
<l7:Properties>
<l7:Property key="revocationCheckingEnabled">
<l7:BooleanValue>true</l7:BooleanValue>
</l7:Property>
<l7:Property key="trustAnchor">
<l7:BooleanValue>true</l7:BooleanValue>
</l7:Property>
<l7:Property key="trustedAsSamlAttestingEntity">
<l7:BooleanValue>true</l7:BooleanValue>
</l7:Property>
<l7:Property key="trustedAsSamlIssuer">
<l7:BooleanValue>true</l7:BooleanValue>
</l7:Property>
<l7:Property key="trustedForSigningClientCerts">
<l7:BooleanValue>true</l7:BooleanValue>
</l7:Property>
<l7:Property key="trustedForSigningServerCerts">
<l7:BooleanValue>true</l7:BooleanValue>
</l7:Property>
<l7:Property key="trustedForSsl">
<l7:BooleanValue>true</l7:BooleanValue>
</l7:Property>
<l7:Property key="verifyHostname">
<l7:BooleanValue>false</l7:BooleanValue>
</l7:Property>
</l7:Properties>
</l7:TrustedCertificate>
4. Run a curl command to call the Restman service with the payload (in this example, it's called cert.xml file):
curl -X POST -k -H 'Content-Type: application/xml' -u admin:7layer 'https://<GATEWAY_HOST>:8443/restman/1.0/trustedCertificates' -d @cert.xml
Alternatively, run a GMU command to call the Restman service with the payload (in this example, it's called cert.xml file):
./GatewayMigrationUtility.sh restman --argFile common.properties --method POST --path '1.0/trustedCertificates' --request cert.xml
NOTE: This is an example of how to create a new certificate. To update an existing certificate, please refer the PUT request in the Restman documentation.
For the Properties portion of the payload, use the following images for reference: