Use the POST /keyPairs/signing/generate endpoint to generate a new key pair.

Status codes

Code Reason
201 Key Pair created.
400 The request was improperly formatted or contained invalid fields.
422 Validation error(s) occurred.

KeyPairView - Key pair details.

Property Type Description
cryptoProvider CryptoProvider Cryptographic Provider. This is only applicable if Hybrid HSM mode is true.
expires string The end date up until which the item is valid, in ISO 8601 format (UTC).
id string The persistent, unique ID for the certificate.
issuerDN string The issuer’s distinguished name.
keyAlgorithm string The public key algorithm.
keySize integer The public key size.
rotationSettings KeyPairRotationSettings Key pair rotation settings. Only applicable to self-signed signing key pairs. Automatic key rotation is not currently available for SSL client or SSL server key pairs.
serialNumber string The serial number assigned by the CA.
sha1Fingerprint string SHA-1 fingerprint in Hex encoding.
sha256Fingerprint string SHA-256 fingerprint in Hex encoding.
signatureAlgorithm string The signature algorithm.
status CertificateValidity Status of the item.
subjectAlternativeNames array[string] The subject alternative names (SAN).
subjectDN string The subject’s distinguished name.
validFrom string The start date from which the item is valid, in ISO 8601 format (UTC).
version integer The X.509 version to which the item conforms.

KeyPairRotationSettings - Key Pair Rotation Details

Property Type Description
activationBufferDays * integer Buffer days before key pair expiration for activation of the new key pair.
creationBufferDays * integer Buffer days before key pair expiration for creation of a new key pair.
id string
keyAlgorithm string Key algorithm to be used while creating a new key pair. If this property is unset, the key algorithm of the original key pair will be used. Supported algorithms are available through the /keyPairs/keyAlgorithms endpoint.
keySize integer Key size, in bits. If this property is unset, the key size of the original key pair will be used. Supported key sizes are available through the /keyPairs/keyAlgorithms endpoint.
signatureAlgorithm string Required if the original key pair used SHA1 algorithm. If this property is unset, the default signature algorithm of the original key pair will be used. Supported signature algorithms are available through the /keyPairs/keyAlgorithms endpoint.
validDays integer Valid days for the new key pair to be created. If this property is unset, the validity days of the original key pair will be used.

NewKeyPairSettings - Settings for creating a new key pair.

Property Type Description
city string City.
commonName * string Common name for key pair subject.
country * string Country.
cryptoProvider CryptoProvider Cryptographic Provider. This is only applicable if Hybrid HSM mode is true.
id string The persistent, unique ID for the certificate. It can be any combination of [a-z0-9._-]. This property is system-assigned if not specified.
keyAlgorithm * string Key generation algorithm. Supported algorithms are available through the /keyPairs/keyAlgorithms endpoint.
keySize integer Key size, in bits. If this property is unset, the default size for the key algorithm will be used. Supported key sizes are available through the /keyPairs/keyAlgorithms endpoint.
organization * string Organization.
organizationUnit string Organization unit.
signatureAlgorithm string Signature algorithm. If this property is unset, the default signature algorithm for the key algorithm will be used. Supported signature algorithms are available through the /keyPairs/keyAlgorithms endpoint.
state string State.
subjectAlternativeNames array[string] The subject alternative names (SAN).
validDays * integer Number of days the key pair will be valid for.