群集证书请求
群集证书请求
| Redis 企业软件 |
|---|
| 方法 | 路径 | 描述 |
|---|---|---|
| 获取 | /v1/cluster/certificates |
获取群集证书 |
| 放 | /v1/cluster/update_cert |
更新集群证书 |
| 删除 | /v1/cluster/certificates/{certificate_name} |
删除集群证书 |
获取群集证书
GET /v1/cluster/certificates
获取集群的证书。
所需权限
| 权限名称 |
|---|
| view_cluster_info |
请求
HTTP 请求示例
GET /v1/cluster/certificates
请求标头
| 钥匙 | 价值 | 描述 |
|---|---|---|
| 主机 | cnm.cluster.fqdn 中 | 域名 |
| 接受 | 应用程序/JSON | 接受的媒体类型 |
响应
返回包含集群的证书和密钥的 JSON 对象。
示例 JSON 正文
{
"api_cert": "-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----",
"api_key": "-----BEGIN RSA PRIVATE KEY-----...-----END RSA PRIVATE KEY-----"
"// additional certificates..."
}
Status codes
Code
Description
200 OK
No error
Update cluster certificate
PUT /v1/cluster/update_cert
Replaces an existing certificate on all nodes within the cluster with a new certificate. The new certificate must pass validation before it can replace the old certificate.
See the certificates table for the list of cluster certificates and their descriptions.
Request
Example HTTP request
PUT /v1/cluster/update_cert
Example JSON body
{
"name": "certificate1",
"key": "-----BEGIN RSA PRIVATE KEY-----\n[key_content]\n-----END RSA PRIVATE KEY-----",
"certificate": "-----BEGIN CERTIFICATE-----\n[cert_content]\n-----END CERTIFICATE-----",
}
Replace [key_content] with the content of the private key and [cert_content] with the content of the certificate.
Response
Responds with the 200 OK status code if the certificate replacement succeeds across the entire cluster.
Otherwise, retry the certificate update in case the failure was due to a temporary issue in the cluster.
Status codes
Code
Description
200 OK
No error
400 Bad Request
Failed, invalid certificate.
403 Forbidden
Failed, unknown certificate.
404 Not Found
Failed, invalid certificate.
406 Not Acceptable
Failed, expired certificate.
409 Conflict
Failed, not all nodes have been updated.
Delete cluster certificate
DELETE /v1/cluster/certificates/{string: certificate_name}
Removes the specified cluster certificate from both CCS and disk
across all nodes. Only optional certificates can be deleted through
this endpoint. See the certificates table for the list of cluster certificates and their descriptions.
Request
Example HTTP request
DELETE /v1/cluster/certificates/<certificate_name>
Request headers
Key
Value
Description
Host
cnm.cluster.fqdn
Domain name
Accept
application/json
Accepted media type
Response
Returns a status code that indicates the certificate deletion success or failure.
Status codes
Code
Description
200 OK
Operation successful
404 Not Found
Failed, requested deletion of an unknown certificate
403 Forbidden
Failed, requested deletion of a required certificate
500 Internal Server Error
Failed, error while deleting certificate from disk
On this page