Use the POST /keyPairs/signing/import endpoint to import a new key pair.

Status codes

| Code | Reason |
|------|--------|
| 201 | Key Pair imported. |
| 400 | The request was improperly formatted or contained invalid fields. |
| 403 | PingFederate does not have its IdP role enabled. Operation not available. |
| 422 | Validation error(s) occurred. |

KeyPairView - Key pair details.

| Property | Type | Description |
|----------|------|-------------|
| cryptoProvider | CryptoProvider | Cryptographic Provider. This is only applicable if Hybrid HSM mode is true. |
| expires | string | The end date up until which the item is valid, in ISO 8601 format (UTC). |
| id | string | The persistent, unique ID for the certificate. |
| issuerDN | string | The issuer’s distinguished name. |
| keyAlgorithm | string | The public key algorithm. |
| keySize | integer | The public key size. |
| rotationSettings | KeyPairRotationSettings | Key pair rotation settings. Only applicable to self-signed signing key pairs. Automatic key rotation is not currently available for SSL client or SSL server key pairs. |
| serialNumber | string | The serial number assigned by the CA. |
| sha1Fingerprint | string | SHA-1 fingerprint in Hex encoding. |
| sha256Fingerprint | string | SHA-256 fingerprint in Hex encoding. |
| signatureAlgorithm | string | The signature algorithm. |
| status | CertificateValidity | Status of the item. |
| subjectAlternativeNames | array[string] | The subject alternative names (SAN). |
| subjectDN | string | The subject’s distinguished name. |
| validFrom | string | The start date from which the item is valid, in ISO 8601 format (UTC). |
| version | integer | The X.509 version to which the item conforms. |

KeyPairRotationSettings - Key Pair Rotation Details

| Property | Type | Description |
|----------|------|-------------|
| activationBufferDays * | integer | Buffer days before key pair expiration for activation of the new key pair. |
| creationBufferDays * | integer | Buffer days before key pair expiration for creation of a new key pair. |
| id | string | |
| keyAlgorithm | string | Key algorithm to be used while creating a new key pair. If this property is unset, the key algorithm of the original key pair will be used. Supported algorithms are available through the /keyPairs/keyAlgorithms endpoint. |
| keySize | integer | Key size, in bits. If this property is unset, the key size of the original key pair will be used. Supported key sizes are available through the /keyPairs/keyAlgorithms endpoint. |
| signatureAlgorithm | string | Required if the original key pair used SHA1 algorithm. If this property is unset, the default signature algorithm of the original key pair will be used. Supported signature algorithms are available through the /keyPairs/keyAlgorithms endpoint. |
| validDays | integer | Valid days for the new key pair to be created. If this property is unset, the validity days of the original key pair will be used. |

PKCS12File - Represents the contents of a PKCS12 file.

| Property | Type | Description |
|----------|------|-------------|
| cryptoProvider | CryptoProvider | Cryptographic Provider. This is only applicable if Hybrid HSM mode is true. |
| encryptedPassword * | string | Encrypted password for the PKCS12 file. |
| fileData * | string | Base64 encoded PKCS12 file data. New line characters should be omitted or encoded in this value. |
| id | string | The persistent, unique ID for the certificate. It can be any combination of [a-z0-9._-]. This property is system-assigned if not specified. |
| password * | string | Password for the PKCS12 file. |
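
The following is an added example, not code from the PingFederate documentation. It builds a PKCS12File request body that respects the `fileData` and `id` constraints above, maps the documented status codes to errors, and reads `expires` from a returned KeyPairView. The function names, sample bytes and password are hypothetical; it assumes the plaintext `password` property is used and that `expires` ends in `Z` or an explicit offset, and sending the request is left to your HTTP client.

```python
import base64
import re
from datetime import datetime, timezone

# Character set the PKCS12File.id description allows.
ID_PATTERN = re.compile(r"[a-z0-9._-]+")

# Reasons from the status-code table for this endpoint.
STATUS_REASONS = {
    400: "The request was improperly formatted or contained invalid fields.",
    403: "PingFederate does not have its IdP role enabled.",
    422: "Validation error(s) occurred.",
}

def build_import_body(p12_bytes, password, key_id=None):
    """Return a PKCS12File dict ready to be serialized as the JSON request body."""
    # A PKCS#12 file is DER and starts with a SEQUENCE tag (0x30); this rejects
    # PEM text or already-base64 input handed over by mistake.
    if not p12_bytes or p12_bytes[0] != 0x30:
        raise ValueError("input does not look like a DER-encoded PKCS12 file")
    if key_id is not None and not ID_PATTERN.fullmatch(key_id):
        raise ValueError("id may only contain characters from [a-z0-9._-]")
    # b64encode emits one unbroken line, as fileData requires.
    body = {"fileData": base64.b64encode(p12_bytes).decode("ascii"),
            "password": password}
    if key_id is not None:
        body["id"] = key_id  # system-assigned when omitted
    return body

def check_status(status_code):
    """Raise with the documented reason unless the import returned 201."""
    if status_code != 201:
        raise RuntimeError(STATUS_REASONS.get(status_code, "unexpected status %d" % status_code))

def days_until_expiry(key_pair_view, now=None):
    """Whole days left before the 'expires' timestamp of a returned KeyPairView."""
    expires = datetime.fromisoformat(key_pair_view["expires"].replace("Z", "+00:00"))
    if expires.tzinfo is None:
        expires = expires.replace(tzinfo=timezone.utc)  # the field is documented as UTC
    return (expires - (now or datetime.now(timezone.utc))).days

# Constructed sample bytes: a DER SEQUENCE header plus filler, not a real key store.
SAMPLE_P12 = b"\x30\x82\x01\x00" + bytes(range(256))
```

The returned dict contains the key store password, so keep it out of logs and request traces.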