Use the POST /keyPairs/signing/import endpoint to import a new key pair.
Code | Reason |
---|---|
201 | Key Pair imported. |
400 | The request was improperly formatted or contained invalid fields. |
403 | PingFederate does not have its IdP role enabled. Operation not available. |
422 | Validation error(s) occurred. |
KeyPairView
- Key pair details.
Property | Type | Description |
---|---|---|
cryptoProvider | CryptoProvider | Cryptographic Provider. This is only applicable if Hybrid HSM mode is true. |
expires | string | The end date up until which the item is valid, in ISO 8601 format (UTC). |
id | string | The persistent, unique ID for the certificate. |
issuerDN | string | The issuer’s distinguished name. |
keyAlgorithm | string | The public key algorithm. |
keySize | integer | The public key size. |
rotationSettings | KeyPairRotationSettings | Key pair rotation settings. Only applicable to self-signed signing key pairs. Automatic key rotation is not currently available for SSL client or SSL server key pairs. |
serialNumber | string | The serial number assigned by the CA. |
sha1Fingerprint | string | SHA-1 fingerprint in Hex encoding. |
sha256Fingerprint | string | SHA-256 fingerprint in Hex encoding. |
signatureAlgorithm | string | The signature algorithm. |
status | CertificateValidity | Status of the item. |
subjectAlternativeNames | array[string] | The subject alternative names (SAN). |
subjectDN | string | The subject’s distinguished name. |
validFrom | string | The start date from which the item is valid, in ISO 8601 format (UTC). |
version | integer | The X.509 version to which the item conforms. |
KeyPairRotationSettings
- Key Pair Rotation Details
Property | Type | Description |
---|---|---|
activationBufferDays * | integer | Buffer days before key pair expiration for activation of the new key pair. |
creationBufferDays * | integer | Buffer days before key pair expiration for creation of a new key pair. |
id | string | |
keyAlgorithm | string | Key algorithm to be used while creating a new key pair. If this property is unset, the key algorithm of the original key pair will be used. Supported algorithms are available through the /keyPairs/keyAlgorithms endpoint. |
keySize | integer | Key size, in bits. If this property is unset, the key size of the original key pair will be used. Supported key sizes are available through the /keyPairs/keyAlgorithms endpoint. |
signatureAlgorithm | string | Required if the original key pair used SHA1 algorithm. If this property is unset, the default signature algorithm of the original key pair will be used. Supported signature algorithms are available through the /keyPairs/keyAlgorithms endpoint. |
validDays | integer | Valid days for the new key pair to be created. If this property is unset, the validity days of the original key pair will be used. |
PKCS12File
- Represents the contents of a PKCS12 file.
Property | Type | Description |
---|---|---|
cryptoProvider | CryptoProvider | Cryptographic Provider. This is only applicable if Hybrid HSM mode is true. |
encryptedPassword * | string | Encrypted password for the PKCS12 file. |
fileData * | string | Base64 encoded PKCS12 file data. New line characters should be omitted or encoded in this value. |
id | string | The persistent, unique ID for the certificate. It can be any combination of [a-z0-9._-]. This property is system-assigned if not specified. |
password * | string | Password for the PKCS12 file. |
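The following is an added example, not code from the PingFederate documentation: it builds a PKCS12File request body for POST /keyPairs/signing/import and checks the KeyPairView returned on a 201 against a fingerprint the operator already trusts. The function names, the fingerprint normalisation and the sample values are assumptions, as is sending the plaintext password field and omitting encryptedPassword.

```python
import base64
import re
from datetime import datetime, timezone

ID_PATTERN = re.compile(r"[a-z0-9._-]+")  # character set stated for PKCS12File.id


def build_import_body(p12_bytes, password, key_id=None):
    """Build a PKCS12File JSON body for POST /keyPairs/signing/import."""
    if not p12_bytes:
        raise ValueError("empty PKCS12 data")
    body = {
        # b64encode emits no line breaks, as the fileData description requires.
        "fileData": base64.b64encode(p12_bytes).decode("ascii"),
        "password": password,  # assumption: plaintext field, encryptedPassword omitted
    }
    if key_id is not None:
        if not ID_PATTERN.fullmatch(key_id):
            raise ValueError("id must use only [a-z0-9._-]: %r" % key_id)
        body["id"] = key_id
    return body


def _norm_fp(fp):
    # Assumption: hex fingerprints may differ in case or ':' separators.
    return fp.replace(":", "").replace(" ", "").lower()


def check_key_pair_view(view, expected_sha256, now=None):
    """Return a list of problems found in a returned KeyPairView."""
    now = now or datetime.now(timezone.utc)
    problems = []
    if _norm_fp(view.get("sha256Fingerprint", "")) != _norm_fp(expected_sha256):
        problems.append("sha256Fingerprint does not match the expected certificate")
    expires = datetime.fromisoformat(view["expires"].replace("Z", "+00:00"))
    if expires.tzinfo is None:
        expires = expires.replace(tzinfo=timezone.utc)  # the page states UTC
    if expires <= now:
        problems.append("key pair already expired")
    if "sha1" in view.get("signatureAlgorithm", "").lower():
        problems.append("certificate is signed with SHA-1")
    return problems


if __name__ == "__main__":
    # Constructed placeholder bytes, not a real PKCS12 file.
    body = build_import_body(b"\x30\x82\x01\x00", "example-password", "signing-2025")
    print(sorted(body), len(body["fileData"]))
```

Comparing sha256Fingerprint with a value computed out of band confirms that the key pair stored by the server is the one that was meant to be uploaded.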