Skip to main content
Skip table of contents

Certificate Manager (CM) REST API

This article includes updates for Certificate Manager 8.11. 

This article describes the Certificate Manager REST API (RESTful application programming interface) in Certificate Manager.

Certificate Manager REST API (RESTful application programming interface) is an HTTP-based service for x.509 and attribute certificates creation, certificate searching, certificate download, certificate revocation, certificate reinstatement, creation of PKCS#12 files and token procedure listing in Certificate Manager. 

The API requires client authentication over TLS using a CM officer certificate. Write operations like revoke, reinstate and certificate issuance requires the request data to be signed by a CM officer. The REST API server can also be configured to use a CM officer for signing the requests on the caller’s behalf, enabling automated services for trusted clients.

The accompanied files APISigningWithOpenSSL.sh and APISigningWithBouncyCastle.java referenced below can be found in a CM client installation together with the Protocol Gateway web archive filesee Install Protocol Gateway.

For more information, see:

Date-time format

The expected date-time format for time search fields is ISO 8601. Example: 2021-12-20T08:01:30Z.

This article only contains plain documentation of the Certificate Manager REST API. It is not possible to try out the commands. 

Important! View all request bodies in Confluence.

Open Nexus product documentation in Confluence to view all request bodies in the REST API.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.