NXLog Documentation

Certificate services

certificateinfo

Retrieves information about all certificates used for communication between NXLog and NXLog Manager.

Type of Request: GET

URL: https://hostname:9443/nxlog-manager/mvc/restservice/certificateinfo

This service can accept the communication format specified via the .xml or .json extensions appended to the end of the URL which can be used instead of the accept and Content-Type headers.
For JSON format, the following URL should be used:
https://hostname:9443/nxlog-manager/mvc/restservice/certificateinfo.json.
The following URL should be applied for XML:
https://hostname:9443/nxlog-manager/mvc/restservice/certificateinfo.xml.

Parameters are listed below.

Table 1. List of parameters
Parameter Description Format Type

expirein

Lists only certificates that will expire in the given number of days. It can be used to identify certificates that are about to expire.

To list certificates as per several dates of expiration, this parameter can be specified for each date separately.

Array[integer]

Optional

Sample cURL request
curl -k -v -H "REST_PASSWORD: nxlog123" -H "REST_USER: admin" "https://hostname:9443/nxlog-manager/mvc/restservice/certificateinfo.json"
Sample response in JSON
{
  "servicename": "certificateinfo",
  "values": [
    {
      "name": "My_First_CA",
      "country": "country",
      "state": "state",
      "city": "city",
      "organization": "organization",
      "organization-unit": "organization unit",
      "activation": "2020-06-25 00:04",
      "expiration": "2025-05-25 00:00",
      "use-as-default-ca": false,
      "status": "VALID",
      "id": 1,
      "issuer": "CN=My_First_CA, ST=state, C=country, O=organization, OU=organization unit, L=city",
      "subject": "CN=My_First_CA, ST=state, C=country, O=organization, OU=organization unit, L=city",
      "serial-number": 69664245045870,
      "sig-alg-name": "SHA256WITHRSA",
      "netscape-cert-type": "SSL CA, S/MIME CA",
      "key-usage": "CRLSign, digitalSignature, keyCertSign, keyEncipherment",
      "thumb-print": "85 90 a3 ac 02 d7 b9 37 29 3b a0 63 c3 ea 6e 88 07 1d 98 94 ",
      "type": "CA"
    },
    {
      "name": "AGENT_MANAGER",
      "country": "country",
      "state": "state",
      "city": "city",
      "organization": "organization",
      "organization-unit": "organization unit",
      "certActivation": "2020-06-25 00:04",
      "expiration": "2025-05-25 00:00",
      "parent-fingerprint": 1,
      "status": "VALID",
      "issuer": "CN=My_First_CA, ST=state, C=country, O=organization, OU=organization unit, L=city",
      "subject": "CN=AGENT_MANAGER, ST=state, C=country, O=organization, OU=organization unit, L=city",
      "serial-number": 143110591992817,
      "sig-alg-nName": "SHA256WITHRSA",
      "thumb-print": "c5 19 42 f7 e4 51 8e b5 af 51 fa 73 d2 5d 00 fa d0 b7 db e3 ",
      "type": "CERT"
    }
  ],
  "links": [
    {
      "rel": "self",
      "href": "https://hostname:9443/nxlog-manager/mvc/mvc/restservice/certificateinfoundefined{?expireIn}"
    }
  ]
}

issueagentscertificates

Issues certificates for the specified agents. For more information about certificates, see the Certificates section of the NXLog Manager User Guide.

Type of Request: POST

URL: https://hostname:9443/nxlog-manager/mvc/restservice/issuagentscertificates

Parameters are listed below.

Table 2. List of parameters
Parameter Description Format Type

agentUuids

A comma-delimited list of agent UUIDs the certificates should be issued for.

Array[string]

Required

certificate

Object with information for the certificate. Contains the following optional fields:

XML or JSON

Optional

city

String

country

String

expiration

Date in YYYY-MM-DD format, defaults to one year from the date of the certificate issue.

organization

String

organization-unit

String

state

String

update-agents

Boolean, defaults to FALSE.

Sample cURL request
curl -k -v "https://hostname:9443/nxlog-manager/mvc/restservice/issueagentscertificates?agentUuids=9f60f380-fbab-11e7-8000-d85ff4257f2a" -H "REST_PASSWORD:  nxlog123" -H "REST_USER: admin" -H "Content-Type: application/json" -H "accept: application/json" -d "{ \"city\": \"Budapest\", \"country\": \"Hungary\", \"expiration\": \"2025-08-12\", \"organization\": \"CompanyName\", \"organization-unit\": \"Administration\", \"update-agents\": true }"
Sample response in JSON
{
  "servicename": "issueagentscertificates",
  "values": [
    {
      "message": "A certificate created for '192.168.31.193'."
    }
  ],
  "links": [
    {
      "rel": "self",
      "href": "https://hostname:9443/nxlog-manager/mvc/mvc/restservice/viewcertificate{pathExt:.*}?fingerprint={fingerprint}"
    }
  ]
}