Module default_api Copy item path Source ConfigBackupPassphrasePutError struct for typed errors of method config_backup_passphrase_put ConfigLoggingGetError struct for typed errors of method config_logging_get ConfigLoggingPutError struct for typed errors of method config_logging_put ConfigNetworkGetError struct for typed errors of method config_network_get ConfigNetworkPutError struct for typed errors of method config_network_put ConfigTimeGetError struct for typed errors of method config_time_get ConfigTimePutError struct for typed errors of method config_time_put ConfigTlsCertPemGetError struct for typed errors of method config_tls_cert_pem_get ConfigTlsCertPemPutError struct for typed errors of method config_tls_cert_pem_put ConfigTlsCsrPemPostError struct for typed errors of method config_tls_csr_pem_post ConfigTlsGeneratePostError struct for typed errors of method config_tls_generate_post ConfigTlsPublicPemGetError struct for typed errors of method config_tls_public_pem_get ConfigUnattendedBootGetError struct for typed errors of method config_unattended_boot_get ConfigUnattendedBootPutError struct for typed errors of method config_unattended_boot_put ConfigUnlockPassphrasePutError struct for typed errors of method config_unlock_passphrase_put HealthAliveGetError struct for typed errors of method health_alive_get HealthReadyGetError struct for typed errors of method health_ready_get HealthStateGetError struct for typed errors of method health_state_get InfoGetError struct for typed errors of method info_get KeysGeneratePostError struct for typed errors of method keys_generate_post KeysGetError struct for typed errors of method keys_get KeysKeyIdCertDeleteError struct for typed errors of method keys_key_id_cert_delete KeysKeyIdCertGetError struct for typed errors of method keys_key_id_cert_get KeysKeyIdCertPutError struct for typed errors of method keys_key_id_cert_put KeysKeyIdCsrPemPostError struct for typed errors of method keys_key_id_csr_pem_post KeysKeyIdDecryptPostError struct for typed errors of method keys_key_id_decrypt_post KeysKeyIdDeleteError struct for typed errors of method keys_key_id_delete KeysKeyIdEncryptPostError struct for typed errors of method keys_key_id_encrypt_post KeysKeyIdGetError struct for typed errors of method keys_key_id_get KeysKeyIdMovePostError struct for typed errors of method keys_key_id_move_post KeysKeyIdPublicPemGetError struct for typed errors of method keys_key_id_public_pem_get KeysKeyIdPutBody KeysKeyIdPutError struct for typed errors of method keys_key_id_put KeysKeyIdRestrictionsTagsTagDeleteError struct for typed errors of method keys_key_id_restrictions_tags_tag_delete KeysKeyIdRestrictionsTagsTagPutError struct for typed errors of method keys_key_id_restrictions_tags_tag_put KeysKeyIdSignPostError struct for typed errors of method keys_key_id_sign_post KeysKeyPrefixGetError struct for typed errors of method keys_key_prefix_get KeysPostBody KeysPostError struct for typed errors of method keys_post LockPostError struct for typed errors of method lock_post MetricsGetError struct for typed errors of method metrics_get NamespacesGetError struct for typed errors of method namespaces_get NamespacesNamespaceIdDeleteError struct for typed errors of method namespaces_namespace_id_delete NamespacesNamespaceIdPutError struct for typed errors of method namespaces_namespace_id_put ProvisionPostError struct for typed errors of method provision_post RandomPostError struct for typed errors of method random_post SystemBackupPostError struct for typed errors of method system_backup_post SystemCancelUpdatePostError struct for typed errors of method system_cancel_update_post SystemCommitUpdatePostError struct for typed errors of method system_commit_update_post SystemFactoryResetPostError struct for typed errors of method system_factory_reset_post SystemInfoGetError struct for typed errors of method system_info_get SystemRebootPostError struct for typed errors of method system_reboot_post SystemRestorePostError struct for typed errors of method system_restore_post SystemShutdownPostError struct for typed errors of method system_shutdown_post SystemUpdatePostError struct for typed errors of method system_update_post UnlockPostError struct for typed errors of method unlock_post UsersGetError struct for typed errors of method users_get UsersPostError struct for typed errors of method users_post UsersUserIdDeleteError struct for typed errors of method users_user_id_delete UsersUserIdGetError struct for typed errors of method users_user_id_get UsersUserIdPassphrasePostError struct for typed errors of method users_user_id_passphrase_post UsersUserIdPostError struct for typed errors of method users_user_id_post UsersUserIdPutError struct for typed errors of method users_user_id_put UsersUserIdTagsGetError struct for typed errors of method users_user_id_tags_get UsersUserIdTagsTagDeleteError struct for typed errors of method users_user_id_tags_tag_delete UsersUserIdTagsTagPutError struct for typed errors of method users_user_id_tags_tag_put config_backup_passphrase_put Update the backup passphrase. If the backup passphrase is not set yet, use "" as currentPassphrase. WARNING: Like the unlock passphrase, this configuration can’t be reset by an admin user without knowing the current value, so if the backup passphrase is lost, neither can it be reset to a new value nor can the created backups be restored. config_logging_get Get logging configuration. Protocol is always syslog over UDP. Configurable are IP adress and port, log level. config_logging_put Configure log level and destination. config_network_get Get network configuration. IP address, netmask, router. config_network_put Configure network. config_time_get Get system time. config_time_put Configure system time. config_tls_cert_pem_get Get certificate for NetHSMs https API. config_tls_cert_pem_put Set certificate for NetHSMs https API e.g. to replace self-signed intital certificate. config_tls_csr_pem_post Get NetHSM certificate signing request e.g. to replace self-signed intital certificate. config_tls_generate_post Generate a new pair of public and private key for NetHSM’s https API. config_tls_public_pem_get Get public key for NetHSMs https API. config_unattended_boot_get Read unattended boot configuration: is it on or off? config_unattended_boot_put Configure unattended boot: switch it on or off (flip the switch). config_unlock_passphrase_put Update the unlock passphrase. WARNING: The unlock passphrase can’t be reset by an admin user without knowing the current value, so if the unlock passphrase is lost, neither can it be reset to a new value nor can the NetHSM be unlocked. health_alive_get Retrieve whether NetHSM is fully started but not ready to take traffic. This corresponds to the state Locked or Unprovisioned . health_ready_get Retrieve whether NetHSM is in state Operational and thus ready to take traffic. health_state_get Retrieve the state of NetHSM. info_get Information about the vendor and product. keys_generate_post Generate a pair of public and private key and store it in NetHSM. KeyID is optional as a parameter and will be generated by NetHSM if not present. The key is stored in the caller’s namespace. keys_get Get a list of the identifiers of all keys that are currently stored in NetHSM. If the caller is in a namespace, only keys in that namespace are returned. Separate requests need to be made to request the individual key data. To fetch only a subset of keys, consider using /keys/pfx*. keys_key_id_cert_delete Delete the certificate. keys_key_id_cert_get Retrieve a stored certificate in the exact format it was stored. keys_key_id_cert_put Store a certificate. Maximum size 1MB. The Content-Type must be application/octet-stream. keys_key_id_csr_pem_post Retrieve a certificate signing request in PEM format. keys_key_id_decrypt_post Decrypt an encrypted message with the secret key. keys_key_id_delete Delete a pair of public and private key. keys_key_id_encrypt_post Encrypt a message with the secret key. keys_key_id_get Retrieve a single public key. keys_key_id_move_post Move a key by changing its identifier. The key content remains unchanged, but it will be accessible under the new identifier. The old identifier becomes invalid after successful move. keys_key_id_public_pem_get Retrieve public key in PEM format. keys_key_id_put Import a private key into NetHSM and store it under the KeyID path. The public key will be automatically derived. The parameters of the key can be passed as a PEM file or a JSON object. The key is stored in the caller’s namespace. keys_key_id_restrictions_tags_tag_delete Delete a tag from the authorized set keys_key_id_restrictions_tags_tag_put Add a tag to the authorized set keys_key_id_sign_post Sign a message with the secret key. keys_key_prefix_get Get a list of the identifiers of all keys that have a KeyID that starts with KeyPrefix. If the caller is in a namespace, only keys in that namespace are returned. Separate requests need to be made to request the individual key data. keys_post Import a private key into NetHSM and let NetHSM generate a KeyID. The public key will be automatically derived. The parameters of the key can be passed as a PEM file or a JSON object. The key is stored in the caller’s namespace. lock_post Brings an Operational NetHSM into Locked state. metrics_get Get metrics. Precondition: NetHSM is Operational and a R-Metrics can be authenticated. namespaces_get Get a list of all created namespaces. Note that users may be assigned namespaces not present in this list, as long as the namespace has not been created. namespaces_namespace_id_delete Delete a namespace. WARNING: all keys from that namespace are deleted. namespaces_namespace_id_put Create a namespace on keyfender. All users in that namespace can now be used, and all user management power is delegated to admins in that namespace. provision_post Initial provisioning, only available in Unprovisioned state. WARNING: The unlock passphrase can’t be reset by an admin user without knowing the current value, so if the unlock passphrase is lost, neither can it be reset to a new value nor can the NetHSM be unlocked. random_post Retrieve cryptographically strong random bytes from NetHSM. Precondition: NetHSM is Operational and a R-Operator can be authenticated. system_backup_post Back up the key store to a backup file. system_cancel_update_post Cancel update of NetHSM software. system_commit_update_post Commit update of NetHSM software. system_factory_reset_post Reset NetHSM to factory settings. system_info_get Get detailed system information, including firmware, system, and hardware version. system_reboot_post Reboot NetHSM. system_restore_post Restore the key store and user store from a backup file. If NetHSM is Unprovisioned , then the configuration is restored. system_shutdown_post Shut down NetHSM. Authentication behavior varies by NetHSM state: - Operational : Requires Administrator authentication - Locked or Unprovisioned : No authentication required system_update_post Update NetHSM software. unlock_post Brings a Locked NetHSM into Operational state. users_get Get a list of all user ids that have accounts on NetHSM. If the caller is in a namespace, return only users in that namespace. users_post Create a new user on NetHSM, inheriting the caller’s namespace. The user-ID is generated by NetHSM. users_user_id_delete Delete a user from keyfender. users_user_id_get Get user info: name and role. users_user_id_passphrase_post Update the passphrase. users_user_id_post Create a new user on NetHSM, in the namespace specified as a prefix in the path with the format ‘namespace~’. For example, a POST request on "https://nethsm.local/v1/users/namespace1~" will generate a user-ID and create that user in "namespace1". The namespace prefix must be present: for creating users without a namespace, use a POST on "/v1/users". users_user_id_put Create a user on keyfender. The new user must either be in the same namespace as the caller, or be in a namespace not created yet if the caller has no namespace. users_user_id_tags_get Get the list of tags set to an Operator user. users_user_id_tags_tag_delete Delete a tag from the Operator user users_user_id_tags_tag_put Add a tag to the Operator user.