How to remove a certificate from a truststore?


Our application uses client certificates for authentication. Various partners will provide us certificates for upload to our Apigee truststore.


Currently in test we have uploaded an incorrect certificate for one of our partners. We would not only like to add a new certificate for this customer, but remove the old one.

As far as I can tell there is no API for removing a certificate from a truststore, just for removing the truststore altogether. Not being able to manage certificates within a truststore will be a significant problem for us. Is there some API we can use for this purpose?

2 ACCEPTED SOLUTIONS

Hi @pblair,

The API call that you have mentioned is correct. But I would suggest that you execute the GET API call first, verify the certs that you want to delete, and then execute the DELETE API call.

1) GET API CALL

curl -u {user} "https://<MS Server VIP NAME>/v1/o/{org}/environments/{env}/keystores/{truststore}/certs/{cert}"

2) DELETE API CALL

curl -u {user} -X DELETE "https://<MS Server VIP NAME>/v1/o/{org}/environments/{env}/keystores/{truststore}/certs/{cert}"

Also, instead of <MS Server VIP NAME>, you can execute the command on the MS and use localhost:8080.

Plus, after certificate addition/deletion, one must restart the gateway servers, i.e. the RMP server. You can restart either of the servers or both, depending upon the use case.

Please let me know in case you need more information.

Thanks and Regards,

Gaurav Bhandari
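
The GET-then-verify-then-DELETE sequence recommended above, as an added example that is not part of the original answer or Apigee's own tooling. MGMT_URL, APIGEE_USER and the function names are assumptions, and the check is a plain substring match on the GET response (for instance the subject CN or serial you expect) because the thread does not show the response fields.

```shell
#!/bin/sh
# Added example (not from the thread): delete a truststore cert only after the
# GET response contains a marker you expect (e.g. the subject CN or serial).
# Assumptions: MGMT_URL, APIGEE_USER and the function names are illustrative.
MGMT_URL="${MGMT_URL:-https://api.enterprise.apigee.com}"

cert_url() {  # org env truststore cert
  printf '%s/v1/o/%s/environments/%s/keystores/%s/certs/%s' "$MGMT_URL" "$1" "$2" "$3" "$4"
}

# api METHOD URL OUTFILE: body goes to OUTFILE, HTTP status is printed.
api() {
  curl -sS -u "$APIGEE_USER" -X "$1" -o "$3" -w '%{http_code}' "$2"
}

# Returns 0 deleted, 2 GET failed, 3 marker not found (nothing deleted), 4 DELETE failed.
delete_cert_if_matches() {  # org env truststore cert expected_marker
  url=$(cert_url "$1" "$2" "$3" "$4")
  marker=$5
  body=$(mktemp) || return 2
  status=$(api GET "$url" "$body") || status=000
  if [ "$status" != 200 ]; then
    echo "GET $url returned $status; nothing deleted" >&2
    rm -f "$body"; return 2
  fi
  # Fixed-string match: the marker is data, not a regex.
  if ! grep -qF -- "$marker" "$body"; then
    echo "cert '$4' does not contain '$marker'; refusing to delete" >&2
    rm -f "$body"; return 3
  fi
  status=$(api DELETE "$url" "$body") || status=000
  rm -f "$body"
  case $status in
    2??) echo "deleted '$4' from '$3'; restart the gateway servers to apply" ;;
    *)   echo "DELETE $url returned $status" >&2; return 4 ;;
  esac
}

# Run directly with: org env truststore cert expected_marker
if [ "$#" -eq 5 ]; then delete_cert_if_matches "$@"; fi
```
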


4 REPLIES


I got this from support. To delete certs from a TrustStore:


curl -u {user} -X DELETE "https://api.enterprise.apigee.com/v1/o/{org}/environments/{env}/keystores/{truststore}/certs/{cert}"


Thanks for adding that, Stephen!