Create Internal CA - Security Cloud Control Firewall Manager API Documentation

{"type":"api","title":"Create Internal CA","meta":{"id":"/apps/pubhub/media/cdo-api-documentation/ee9bdf946673e45c4f256a22e0a754e29a9b2098/54f4ba30-7fe2-3433-bbd5-a4d458aee37e","info":{"title":"Cisco Cloud-delivered Firewall Management Center (cdFMC) API","version":"1.15.0","description":"Use the documentation to explore the endpoints the cdFMC has to offer","contact":{"name":"Cisco Firepower TAC","email":"ngfw-support@cisco.com"}},"tags":[{"name":"Analysis"},{"name":"Audit"},{"name":"Backup"},{"name":"Change Management"},{"name":"Chassis"},{"name":"Deployment"},{"name":"Device Clusters"},{"name":"Device Groups"},{"name":"Device HA Pairs"},{"name":"Devices"},{"name":"Health"},{"name":"Integration"},{"name":"Intelligence"},{"name":"License"},{"name":"Network Map"},{"name":"Object"},{"name":"Policy"},{"name":"Policy Assignments"},{"name":"Search"},{"name":"Status"},{"name":"System Configuration"},{"name":"System Information"},{"name":"Templates"},{"name":"Troubleshoot"},{"name":"Updates"},{"name":"Users"}],"openapi":"3.0.1","servers":[{"url":"https://api.us.security.cisco.com/firewall","description":"US"},{"url":"https://api.eu.security.cisco.com/firewall","description":"EU"},{"url":"https://api.apj.security.cisco.com/firewall","description":"APJ"},{"url":"https://api.au.security.cisco.com/firewall","description":"AUS"},{"url":"https://api.in.security.cisco.com/firewall","description":"IN"},{"url":"https://api.int.security.cisco.com/firewall","description":"Staging"},{"url":"https://scale.manage.security.cisco.com/api/rest","description":"Scale"},{"url":"https://ci.manage.security.cisco.com/api/rest","description":"CI"},{"url":"https://manage.stg.secure.cisco/api/rest","description":"Stgf9"}],"securitySchemes":{"bearerAuth":{"bearerFormat":"JWT","scheme":"bearer","type":"http"}}},"spec":{"deprecated":false,"description":"**Create an internal certificate authority. _Check the response section for applicable examples (if any)._**","operationId":"createInternalCA","parameters":[{"description":"Boolean parameter to specify if the request is to create a Certificate Signing Request(CSR) or not. \u003ccode\u003efalse\u003c/code\u003e by default. When \u003ccode\u003efalse\u003c/code\u003e, if a certificate/key pair is provided, the certificate/key pair is imported. Else, a self-signed certificate is generated. When \u003ccode\u003etrue\u003c/code\u003e, a CSR is generated.","in":"query","name":"isCSR","required":false,"schema":{"type":"boolean"}},{"description":"UUID of the ticket for tracking the configuration changes.","in":"header","name":"ticket-id","required":false,"schema":{"type":"string"}},{"name":"domainUUID","description":"Domain UUID","in":"path","required":true,"schema":{"type":"string"},"$$ref":"#/components/parameters/domainUUID"}],"requestBody":{"content":{"application/json":{"examples":{"Example 1 : POST /fmc_config/v1/domain/domainUUID/object/internalcas?isCSR=false ( Test internal CA import with certificate and key )":{"value":{"cert":"-----BEGIN CERTIFICATE-----\nMIIDYDCCAsmgAwIBAgIJAPqlXa5mNBMXMA0GCSqGSIb3DQEBBQUAMH4xCzAJBgNV\nBAYTAlVTMQswCQYDVQQIEwJQQTETMBEGA1UEBxMKUGl0dHNidXJnaDETMBEGA1UE\nChMKU291cmNlZmlyZTEiMCAGA1UEAxMZaW50ZXJuYWwxMDI0LmludGVybmFsMTAy\nNDEUMBIGA1UECxMLRGV2ZWxvcG1lbnQwHhcNMTUwMzEwMTU0NTUxWhcNMjUwMzA3\nMTU0NTUxWjB+MQswCQYDVQQGEwJVUzELMAkGA1UECBMCUEExEzARBgNVBAcTClBp\ndHRzYnVyZ2gxEzARBgNVBAoTClNvdXJjZWZpcmUxIjAgBgNVBAMTGWludGVybmFs\nMTAyNC5pbnRlcm5hbDEwMjQxFDASBgNVBAsTC0RldmVsb3BtZW50MIGfMA0GCSqG\nSIb3DQEBAQUAA4GNADCBiQKBgQCivQIImKK+11/BUxESTfgy/F1bYkM+NapK8jOg\nx9DF1y+5wDBqaoFpNzCCEgC3I/NfehI+KbuJFwgO7i4+IGqRkDZtNxmQ8SsEwEQ6\nimwl+brHNFcXLrw/Ih5OW9JuSgU1Zc2bx2O7CAFLMuuJxFtyFImFwf+X2f8namOt\n8FPKFQIDAQABo4HlMIHiMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFO6c6Fbf5jtC\nsDJ4RsCip+KcZM46MIGyBgNVHSMEgaowgaeAFO6c6Fbf5jtCsDJ4RsCip+KcZM46\noYGDpIGAMH4xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJQQTETMBEGA1UEBxMKUGl0\ndHNidXJnaDETMBEGA1UEChMKU291cmNlZmlyZTEiMCAGA1UEAxMZaW50ZXJuYWwx\nMDI0LmludGVybmFsMTAyNDEUMBIGA1UECxMLRGV2ZWxvcG1lbnSCCQD6pV2uZjQT\nFzANBgkqhkiG9w0BAQUFAAOBgQBL8xwr1cijq0pAS4DlgLF2hT1Q+rP6/qpW6sp3\nhGgtdyk6jC/UofWERS6Y5YYkrEfTLJltXRK6ndBKgwpisBY3krwIFGY0kIyxgEko\n42/r3JM6GJZEfRfurXVazELShfjI8WFolnJawBU6Bvt8opY4BHkdyBChNWcYZsLu\nrIuPFw==\n-----END CERTIFICATE-----","name":"import_CA_2","passPhrase":"password","privateKey":"-----BEGIN RSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\nDEK-Info: AES-128-CBC,D551E502980434E1D94D52679CD5366D\n\nNnvhG2o/0czQ8P6HIRVB8NBEhDpWlkt5Dt9VwlHvDd4PUaFOz//mF6F/JHOO/7Tw\n9/hrzKUoL/KMz2guer903CxnVCr4tpHiAOpXKe/jxcoXW8T6NdMBe2sfdkzRfmoJ\nYsjjhFAY20TlEt1/uhpdISPCjNo4p3dQwDGFaNQn9KyPZdsxVEWWtTvBoXtSE4xp\nzY8wVJzUsmZTexGnu6OUC+i46UdcrHFIZTiRQLNDcYTIRU3A3bTMi88HuJJIA7Ig\nOJ1fKEPvtMpibsSsw9X/+1suIWdR1HnLWvUGjPjObYLezsz0+kbyc+/fJVT/QM5a\nLvwitna48hffVKHrQl2g8d8rWo1mPnNKMGf0UyBdGw2h+00pdi6fIhuoDYDQM6UK\nMHJBt/cX6+p0qfhzi/67NenkHgO5WAkNfSpRnVXfnWVc3Q0Cgv1vC/mAnoepxMMV\n8yjmABpgSpG8Y3Itb4XC+yhejxhhDdxzWuxuGBN/XcsGmrb6dYxqhWwAZ3QNJoVQ\nZQtRDJQsA6YwOEFjvjBGZBwrOxVXRd/vPwq1bIN2rE6DCj8AQQk1GkjV/gs6U2cB\n7PUnKj0Zh/bbs5e9VF4irb9+Tj7GAeKhytqiBWvbjYPbit21alSFqHsnoEBJBzMT\n2Qhiy+/J1HkQOlPG5aczCxLrjUfe9BOxvjD31T+kfmOqBsdgamH0LhK8yXl1vn0f\nZ0rcQw3ADuxLT0qZ1zveJTaAEp7bJrIC+mnvCjuKJ8tPjgWqtfC797SwFNi7g49G\nBimfKqNhNJahbgUyRxVmgtzPydzBcZ23pQfI/+Yg4eIFcwxRXo6vcWEb3S3sg0PY\n-----END RSA PRIVATE KEY-----","subjectCountry":"US","type":"InternalCA"}},"Example 2 : POST /fmc_config/v1/domain/domainUUID/object/internalcas?isCSR=false ( Test Generation of Self-signed internal CA )":{"value":{"name":"self_signed_CA_1","subjectCommonName":"internalCA.selfSigned","subjectCountry":"US","subjectLocality":"Milpitas","subjectOrganization":"Cisco","subjectOrganizationUnit":"SBG","subjectState":"California","type":"InternalCA"}},"Example 3 : POST /fmc_config/v1/domain/domainUUID/object/internalcas?isCSR=true ( Test Generation of Certificate Signing Request(CSR) )":{"value":{"name":"csr_test1","subjectCommonName":"internalCA.csr1","subjectCountry":"US","subjectLocality":"Milpitas","subjectOrganization":"Cisco","subjectOrganizationUnit":"SBG","subjectState":"California","type":"InternalCA"}}},"schema":{"type":"object","description":"Represents the CA public key certificate of a CA the user's organization controls. Internal CA objects can be used in encryption policy rules to decrypt outgoing encrypted traffic by re-signing the server certificate with the internal CA.","properties":{"cert":{"description":"PEM, DER, or PKCS#7 formatted certificate contents.","type":"string"},"certFingerprint":{"description":"Unique sequence used to identify the certificate.","type":"string"},"csr":{"description":"PEM-formatted Certificate Signing Request contents which can be sent to CA for signing a certificate.","type":"string"},"description":{"type":"string"},"id":{"description":"Unique identifier representing resource.","type":"string"},"issuerCommonName":{"description":"Common name of the issuer that signed and issued the certificate.","type":"string"},"issuerOrganization":{"description":"Organization, company name, of the issuer that signed and issued the certificate.","type":"string"},"issuerOrganizationUnit":{"description":"Organization Unit, division or unit, of the issuer that signed and issued the certificate.","type":"string"},"links":{"description":"Object containing links to this resource.","type":"object","properties":{"parent":{"description":"Full resource URL path to reference the parent (if any) for this resource.","type":"string"},"self":{"description":"Full resource URL path to reference this particular resource.","type":"string"}},"$$ref":"#/components/schemas/ILinks"},"metadata":{"type":"object","description":"Defines read only details about the object - whether it is system defined, last user who modified the object etc.","properties":{"domain":{"description":"Defines the domains this instance belongs to (if applicable).","type":"object","properties":{"id":{"description":"Unique UUID of this domain","type":"string"},"links":{"description":"Links to the domain resource URLs.","type":"object","properties":{"parent":{"description":"Full resource URL path to reference the parent (if any) for this resource.","type":"string"},"self":{"description":"Full resource URL path to reference this particular resource.","type":"string"}},"$$ref":"#/components/schemas/ILinks"},"name":{"description":"Name of the domain.","type":"string"},"type":{"description":"Domain type definition (fixed).","type":"string"},"uuid":{"type":"string"}},"$$ref":"#/components/schemas/Domain"},"isLocked":{"type":"boolean"},"lastUser":{"description":"The last user who modified this instance.","type":"object","properties":{"id":{"description":"The unique UUID of the user","type":"string"},"links":{"description":"Contains the self referencing links to this resource","type":"object","properties":{"parent":{"description":"Full resource URL path to reference the parent (if any) for this resource.","type":"string"},"self":{"description":"Full resource URL path to reference this particular resource.","type":"string"}},"$$ref":"#/components/schemas/ILinks"},"name":{"description":"Name of the user.","type":"string"},"type":{"description":"The user type (fixed).","type":"string"}},"$$ref":"#/components/schemas/MetadataUser"},"matches":{"items":{"type":"string"},"type":"array"},"readOnly":{"description":"Details regarding the read only status of this instance","type":"object","properties":{"reason":{"description":"Reason the resource is read only - SYSTEM (if it is system defined), RBAC (if user RBAC permissions make it read only) or DOMAIN (if resource is read only in current domain).","enum":["RBAC","SYSTEM","DOMAIN"],"type":"string"},"state":{"description":"True if this resource us read only and false otherwise.","type":"boolean"}},"$$ref":"#/components/schemas/ReadOnly"},"timestamp":{"description":"The last updated timestamp.","format":"int32","type":"integer"}},"$$ref":"#/components/schemas/Metadata"},"name":{"description":"User chosen resource name.","type":"string"},"passPhrase":{"description":"Passphrase used for encrypted private key.","type":"string"},"privateKey":{"description":"PEM, DER, or PKCS#7 formatted key contents.","type":"string"},"publicKeyFingerprint":{"description":"SHA1 hash sequence used to identify the public key.","type":"string"},"serialNumber":{"description":"Unique number assigned by CA to the certificate on generation. The issuer name and serial number identify a unique certificate.","type":"string"},"subjectCommonName":{"description":"Common name of the subject being certified in the given certificate.","type":"string"},"subjectCountry":{"description":"An ISO3166 two character country code of the subject being certified in the given certificate.","type":"string"},"subjectLocality":{"description":"An Unicode alphanumeric string containing the locality, city name, of the subject being certified in the given certificate.","type":"string"},"subjectOrganization":{"description":"Organization, company name, of the subject being certified in the given certificate.","type":"string"},"subjectOrganizationUnit":{"description":"The Organization Unit, division or unit, of the subject being certified in the given certificate.","type":"string"},"subjectState":{"description":"An Unicode alphanumeric string containing the state or the province of the subject being certified in the given certificate.","type":"string"},"type":{"description":"Type of the response object. This value is always 'InternalCA'.","type":"string"},"validityEndDate":{"description":"Certificate validity end date in ISO 8601 format. Defaulted to validity duration of 3650 days at the time of generation of self-signed certificate.","type":"string"},"validityStartDate":{"description":"Certificate validity start date in ISO 8601 format. Defaulted to current date and time in GMT zone at the self-sign certificate generation.","type":"string"}},"$$ref":"#/components/schemas/InternalCA"}}},"description":"The input Internal CA model.","required":true},"responses":{"201":{"content":{"application/json":{"examples":{"Example 1 : POST /fmc_config/v1/domain/domainUUID/object/internalcas?isCSR=false ( Test internal CA import with certificate and key )":{"value":{"cert":"-----BEGIN CERTIFICATE-----\nMIIDYDCCAsmgAwIBAgIJAPqlXa5mNBMXMA0GCSqGSIb3DQEBBQUAMH4xCzAJBgNV\nBAYTAlVTMQswCQYDVQQIEwJQQTETMBEGA1UEBxMKUGl0dHNidXJnaDETMBEGA1UE\nChMKU291cmNlZmlyZTEiMCAGA1UEAxMZaW50ZXJuYWwxMDI0LmludGVybmFsMTAy\nNDEUMBIGA1UECxMLRGV2ZWxvcG1lbnQwHhcNMTUwMzEwMTU0NTUxWhcNMjUwMzA3\nMTU0NTUxWjB+MQswCQYDVQQGEwJVUzELMAkGA1UECBMCUEExEzARBgNVBAcTClBp\ndHRzYnVyZ2gxEzARBgNVBAoTClNvdXJjZWZpcmUxIjAgBgNVBAMTGWludGVybmFs\nMTAyNC5pbnRlcm5hbDEwMjQxFDASBgNVBAsTC0RldmVsb3BtZW50MIGfMA0GCSqG\nSIb3DQEBAQUAA4GNADCBiQKBgQCivQIImKK+11/BUxESTfgy/F1bYkM+NapK8jOg\nx9DF1y+5wDBqaoFpNzCCEgC3I/NfehI+KbuJFwgO7i4+IGqRkDZtNxmQ8SsEwEQ6\nimwl+brHNFcXLrw/Ih5OW9JuSgU1Zc2bx2O7CAFLMuuJxFtyFImFwf+X2f8namOt\n8FPKFQIDAQABo4HlMIHiMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYEFO6c6Fbf5jtC\nsDJ4RsCip+KcZM46MIGyBgNVHSMEgaowgaeAFO6c6Fbf5jtCsDJ4RsCip+KcZM46\noYGDpIGAMH4xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJQQTETMBEGA1UEBxMKUGl0\ndHNidXJnaDETMBEGA1UEChMKU291cmNlZmlyZTEiMCAGA1UEAxMZaW50ZXJuYWwx\nMDI0LmludGVybmFsMTAyNDEUMBIGA1UECxMLRGV2ZWxvcG1lbnSCCQD6pV2uZjQT\nFzANBgkqhkiG9w0BAQUFAAOBgQBL8xwr1cijq0pAS4DlgLF2hT1Q+rP6/qpW6sp3\nhGgtdyk6jC/UofWERS6Y5YYkrEfTLJltXRK6ndBKgwpisBY3krwIFGY0kIyxgEko\n42/r3JM6GJZEfRfurXVazELShfjI8WFolnJawBU6Bvt8opY4BHkdyBChNWcYZsLu\nrIuPFw==\n-----END CERTIFICATE-----","certFingerprint":"50:9D:77:44:D4:A3:AC:3B:E1:F6:11:2E:85:19:15:0B:D0:D4:6B:D3","id":"af52e3a2-9c15-11ec-b407-2bbe55c5f4d0","issuerCommonName":"internal1024.internal1024","issuerOrganization":"Sourcefire","issuerOrganizationUnit":"Development","links":{"self":"https://172.29.182.90:10215/api/fmc_config/v1/domain/e276abec-e0f2-11e3-8169-6d9ed49b625f/object/internalcas/af52e3a2-9c15-11ec-b407-2bbe55c5f4d0"},"name":"import_CA_2","passPhrase":"********","privateKey":"********","publicKeyFingerprint":"820bad9cae9c1ef9eb2cfea20ebbfe3fe2eb4521","serialNumber":"fa:a5:5d:ae:66:34:13:17","subjectCommonName":"internal1024.internal1024","subjectCountry":"US","subjectLocality":"Pittsburgh","subjectOrganization":"Sourcefire","subjectOrganizationUnit":"Development","subjectState":"PA","type":"InternalCA","validityEndDate":"2025-03-07T15:45:51Z","validityStartDate":"2015-03-10T15:45:51Z"}},"Example 2 : POST /fmc_config/v1/domain/domainUUID/object/internalcas?isCSR=false ( Test Generation of Self-signed internal CA )":{"value":{"cert":"-----BEGIN CERTIFICATE-----\nMIIDpjCCAo6gAwIBAgIUQ5xDv1eGwRI27lx8dkQVB1wJCa8wDQYJKoZIhvcNAQEL\nBQAwczELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExETAPBgNVBAcM\nCE1pbHBpdGFzMQ4wDAYDVQQKDAVDaXNjbzEMMAoGA1UECwwDU0JHMR4wHAYDVQQD\nDBVpbnRlcm5hbENBLnNlbGZTaWduZWQwHhcNMjIwMzA0MjM1MDMxWhcNMzIwMzAx\nMjM1MDMxWjBzMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTERMA8G\nA1UEBwwITWlscGl0YXMxDjAMBgNVBAoMBUNpc2NvMQwwCgYDVQQLDANTQkcxHjAc\nBgNVBAMMFWludGVybmFsQ0Euc2VsZlNpZ25lZDCCASIwDQYJKoZIhvcNAQEBBQAD\nggEPADCCAQoCggEBANEr1FXiWdOpOUrsc7huXZdxrRGnl36g4pl2sYVYIFzhp4pw\nqTOjpL830W6ft6GBjQepJG8Luld5NymfI3EtNLc21WxoREzI9FwM8m8I5CHplCBe\n5RvgBRQ66cWG+kzhBKqsIdVJGoWboGR2v7EpZmAYvVm8yGrLUHSJ3+N5EfLO6Dz5\n2QKAWmSspm48bvGs/xZGRj7evGPe25RsCK610WPy9LFywn/hql54dYI1dsB20of6\nh1bvJ2r1tRsQnFORoZ/sRASnM6Zqv7MPlBXA36Fg5myq1/r0viDKNcH/IHpAzCME\n/RH8WF5WgRexY1fiJ+cKK9ngyiydtiyDuSkpLlcCAwEAAaMyMDAwHQYDVR0OBBYE\nFOpg7b1NGJppLbEEvXcPXTjbrflHMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcN\nAQELBQADggEBAMKTAlau96MSt7qCGv8MK5qpv3q6ho9Be0bKVeC/JM0dvfj92XS/\nrvqu2hPV58hcH/rGS5JL+bExlVb1JM0vR2E+iClTSHsgnnfVCAhYLlcFP9qMaW0J\nk9Kh68gIAb2AgW0TbQ1gCqSl8dhL7fgwXR1gM5ymJTqLxux+vsacJ4qFsNQnT+Pk\nhfl9jX/r8+DInPfl34cdXwTKbJclFV0raiyqVLi58aGXE0Z8N6byxLra4lhtptwW\njQfFiJXJoOHpz5kMv0IZmH4ueTe0fiovlyA5ntPeav3VG4bNSOStmpTBSmK3yacP\nBv/u/8HZ5iAPsHd0W3g1QlvgpZmcgGBi2eg=\n-----END CERTIFICATE-----\n","certFingerprint":"04:62:28:65:8C:A1:6C:DF:99:84:82:89:BD:B9:3C:E9:6C:33:15:DD","id":"e0369d2e-9c15-11ec-843a-29be55c5f4d0","issuerCommonName":"internalCA.selfSigned","issuerOrganization":"Cisco","issuerOrganizationUnit":"SBG","links":{"self":"https://172.29.182.90:10215/api/fmc_config/v1/domain/e276abec-e0f2-11e3-8169-6d9ed49b625f/object/internalcas/e0369d2e-9c15-11ec-843a-29be55c5f4d0"},"name":"self_signed_CA_1","passPhrase":"********","privateKey":"********","publicKeyFingerprint":"8be7c82d988f85afef8538c717acc7cad8f6b6f8","serialNumber":"43:9c:43:bf:57:86:c1:12:36:ee:5c:7c:76:44:15:07:5c:09:09:af","subjectCommonName":"internalCA.selfSigned","subjectCountry":"US","subjectLocality":"Milpitas","subjectOrganization":"Cisco","subjectOrganizationUnit":"SBG","subjectState":"California","type":"InternalCA","validityEndDate":"2032-03-01T23:50:31Z","validityStartDate":"2022-03-04T23:50:31Z"}},"Example 3 : POST /fmc_config/v1/domain/domainUUID/object/internalcas?isCSR=true ( Test Generation of Certificate Signing Request(CSR) )":{"value":{"csr":"-----BEGIN CERTIFICATE REQUEST-----\nMIIC8zCCAdsCAQAwbTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWEx\nETAPBgNVBAcMCE1pbHBpdGFzMQ4wDAYDVQQKDAVDaXNjbzEMMAoGA1UECwwDU0JH\nMRgwFgYDVQQDDA9pbnRlcm5hbENBLmNzcjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB\nDwAwggEKAoIBAQDyojEdqK+QkoIP4oofbX0MGucQoedg6TB/O1zCQ6gs9CAn1GXg\nWgGhhWOS6z1k8C48x4r8PsGbw+oaa9xp0fsNyMDpb7/aCuze3U/KuKE2Ue4hAh50\nCFDEVdslKlpQlqhIpUvYWAt6/kbsfLadkjWR9K8DFQU1QvjoK3Naaq8n4fWVEv9n\n9qsLwl005xs4T8sCGtHpzjLRZfFGeU+xhpJxEQdMB+HtbXdCtDv3KbFrrV/JidTA\njeBcWpEZ033PiN1vMuGljlAOzJJ7nHK2toG6aWKYVw7SfFWWQp4OrsrLlfX4s8v+\n9Qpwgw//U3lmfE3aa8iyGlbRrmtImtlKtDSZAgMBAAGgQTA/BgkqhkiG9w0BCQ4x\nMjAwMB0GA1UdDgQWBBQszvHbRYLW2zqmdMm40QaGCKdDeDAPBgNVHRMBAf8EBTAD\nAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQC64wIpVN8coS3jIZ2mGuj54UCNoKRD54lb\n8nHq8ZpxcjfoJH3Kq7e2PUdwjS14/eXhqRJDGTWSlicGqzaKRLjkKZG+3FZJ8Ov0\nTVAnTKRGYiD608vGLP+AyHQRGKXLDf/TqFUknjW/r9MuEshbTpSXn/4tSUVZOr8o\ngv6V+oyikbX7F0mMTHcGYybuXw+yIcSd4c6wKZzkN1Uozi27JVUZ2isHTl/D8xwG\nbutegvk5/qyG/OjDLkWmxtjbqC9zKvgJjUx2o2jgoFi+XGRWZUdHA8kztjEGEk3S\n+COz+hzCNpXnt7XqpkwOaRR2gctw/39WkhiwNNJZDRylHdTMhcJU\n-----END CERTIFICATE REQUEST-----\n","id":"31cba922-9c1b-11ec-bbc8-d3a155c5f4d0","links":{"self":"https://172.29.182.90:10215/api/fmc_config/v1/domain/e276abec-e0f2-11e3-8169-6d9ed49b625f/object/internalcas/31cba922-9c1b-11ec-bbc8-d3a155c5f4d0"},"name":"csr_test1","passPhrase":"********","privateKey":"********","subjectCommonName":"internalCA.csr1","subjectCountry":"US","subjectLocality":"Milpitas","subjectOrganization":"Cisco","subjectOrganizationUnit":"SBG","subjectState":"California","type":"InternalCA"}}},"schema":{"type":"object","description":"Represents the CA public key certificate of a CA the user's organization controls. Internal CA objects can be used in encryption policy rules to decrypt outgoing encrypted traffic by re-signing the server certificate with the internal CA.","properties":{"cert":{"description":"PEM, DER, or PKCS#7 formatted certificate contents.","type":"string"},"certFingerprint":{"description":"Unique sequence used to identify the certificate.","type":"string"},"csr":{"description":"PEM-formatted Certificate Signing Request contents which can be sent to CA for signing a certificate.","type":"string"},"description":{"type":"string"},"id":{"description":"Unique identifier representing resource.","type":"string"},"issuerCommonName":{"description":"Common name of the issuer that signed and issued the certificate.","type":"string"},"issuerOrganization":{"description":"Organization, company name, of the issuer that signed and issued the certificate.","type":"string"},"issuerOrganizationUnit":{"description":"Organization Unit, division or unit, of the issuer that signed and issued the certificate.","type":"string"},"links":{"description":"Object containing links to this resource.","type":"object","properties":{"parent":{"description":"Full resource URL path to reference the parent (if any) for this resource.","type":"string"},"self":{"description":"Full resource URL path to reference this particular resource.","type":"string"}},"$$ref":"#/components/schemas/ILinks"},"metadata":{"type":"object","description":"Defines read only details about the object - whether it is system defined, last user who modified the object etc.","properties":{"domain":{"description":"Defines the domains this instance belongs to (if applicable).","type":"object","properties":{"id":{"description":"Unique UUID of this domain","type":"string"},"links":{"description":"Links to the domain resource URLs.","type":"object","properties":{"parent":{"description":"Full resource URL path to reference the parent (if any) for this resource.","type":"string"},"self":{"description":"Full resource URL path to reference this particular resource.","type":"string"}},"$$ref":"#/components/schemas/ILinks"},"name":{"description":"Name of the domain.","type":"string"},"type":{"description":"Domain type definition (fixed).","type":"string"},"uuid":{"type":"string"}},"$$ref":"#/components/schemas/Domain"},"isLocked":{"type":"boolean"},"lastUser":{"description":"The last user who modified this instance.","type":"object","properties":{"id":{"description":"The unique UUID of the user","type":"string"},"links":{"description":"Contains the self referencing links to this resource","type":"object","properties":{"parent":{"description":"Full resource URL path to reference the parent (if any) for this resource.","type":"string"},"self":{"description":"Full resource URL path to reference this particular resource.","type":"string"}},"$$ref":"#/components/schemas/ILinks"},"name":{"description":"Name of the user.","type":"string"},"type":{"description":"The user type (fixed).","type":"string"}},"$$ref":"#/components/schemas/MetadataUser"},"matches":{"items":{"type":"string"},"type":"array"},"readOnly":{"description":"Details regarding the read only status of this instance","type":"object","properties":{"reason":{"description":"Reason the resource is read only - SYSTEM (if it is system defined), RBAC (if user RBAC permissions make it read only) or DOMAIN (if resource is read only in current domain).","enum":["RBAC","SYSTEM","DOMAIN"],"type":"string"},"state":{"description":"True if this resource us read only and false otherwise.","type":"boolean"}},"$$ref":"#/components/schemas/ReadOnly"},"timestamp":{"description":"The last updated timestamp.","format":"int32","type":"integer"}},"$$ref":"#/components/schemas/Metadata"},"name":{"description":"User chosen resource name.","type":"string"},"passPhrase":{"description":"Passphrase used for encrypted private key.","type":"string"},"privateKey":{"description":"PEM, DER, or PKCS#7 formatted key contents.","type":"string"},"publicKeyFingerprint":{"description":"SHA1 hash sequence used to identify the public key.","type":"string"},"serialNumber":{"description":"Unique number assigned by CA to the certificate on generation. The issuer name and serial number identify a unique certificate.","type":"string"},"subjectCommonName":{"description":"Common name of the subject being certified in the given certificate.","type":"string"},"subjectCountry":{"description":"An ISO3166 two character country code of the subject being certified in the given certificate.","type":"string"},"subjectLocality":{"description":"An Unicode alphanumeric string containing the locality, city name, of the subject being certified in the given certificate.","type":"string"},"subjectOrganization":{"description":"Organization, company name, of the subject being certified in the given certificate.","type":"string"},"subjectOrganizationUnit":{"description":"The Organization Unit, division or unit, of the subject being certified in the given certificate.","type":"string"},"subjectState":{"description":"An Unicode alphanumeric string containing the state or the province of the subject being certified in the given certificate.","type":"string"},"type":{"description":"Type of the response object. This value is always 'InternalCA'.","type":"string"},"validityEndDate":{"description":"Certificate validity end date in ISO 8601 format. Defaulted to validity duration of 3650 days at the time of generation of self-signed certificate.","type":"string"},"validityStartDate":{"description":"Certificate validity start date in ISO 8601 format. Defaulted to current date and time in GMT zone at the self-sign certificate generation.","type":"string"}},"$$ref":"#/components/schemas/InternalCA"}}},"description":"Created"},"default":{"content":{"application/json":{"schema":{"type":"object","properties":{"category":{"description":"Describes the category of the error thrown.","enum":["FRAMEWORK","OTHER","VALIDATION"],"type":"string"},"messages":{"description":"List of error messages which the response has.","items":{"type":"object","properties":{"bulkPayloadIndex":{"description":"More details about the error.","type":"string"},"code":{"description":"More details about the error.","type":"string"},"description":{"description":"More details about the error.","type":"string"},"details":{"description":"More details about the error.","type":"string"},"errorCode":{"description":"More details about the error.","type":"string"},"location":{"description":"More details about the error.","type":"string"},"severity":{"description":"Specifies the Highest level severity among all the error messages.","enum":["ERROR","WARN"],"type":"string"}},"$$ref":"#/components/schemas/ErrorMessagesContainer"},"type":"array"},"severity":{"description":"Specifies the Highest level severity among all the error messages.","enum":["ERROR","WARN"],"type":"string"}},"$$ref":"#/components/schemas/ErrorResponse"}}},"description":"Error"}},"tags":["Object"],"__originalOperationId":"createInternalCA","method":"post","path":"/v1/cdfmc/api/fmc_config/v1/domain/{domainUUID}/object/internalcas"}}