Certificates API reference¶

See https://docs.openstack.org/barbican/latest/api/.

Barbican, the Key Manager service in OpenStack, provides a RESTful API for securely storing, provisioning, and managing cryptographic keys, certificates, and other secrets. Here's a list of some key Barbican API endpoints related to working with certificates:

Create a secret (certificate)¶

Method: POST
Endpoint: /v1/secrets
Description: Create a new secret (such as a certificate) in Barbican.

List secrets (certificates)¶

Method: GET
Endpoint: /v1/secrets
Description: Retrieve a list of secrets stored in Barbican.

Get secret metadata (certificates)¶

Method: GET
Endpoint: /v1/secrets/{secret_id}
Description: Retrieve metadata about a specific secret without retrieving the secret's payload.

Get secret payload (certificates)¶

Method: GET
Endpoint: /v1/secrets/{secret_id}/payload
Description: Retrieve the payload (content) of a specific secret, such as the actual certificate data.

Delete a secret (certificate)¶

Method: DELETE Endpoint: /v1/secrets/{secret_id} escription: Delete a specific secret from Barbican.

Create a container for certificates¶

Method: POST
Endpoint: /v1/containers
Description: Create a container in Barbican to group related secrets, such as a certificate, private key, and intermediates.

List containers¶

Method: GET
Endpoint: /v1/containers
Description: Retrieve a list of containers in Barbican.

Get container¶

Method: GET
Endpoint: /v1/containers/{container_id}
Description: Retrieve a specific container, including its metadata and references to its contained secrets.

Delete a container¶

Method: DELETE
Endpoint: /v1/containers/{container_id}
Description: Delete a specific container from Barbican.

Create an order for certificate issuance¶

Method: POST
Endpoint: /v1/orders
Description: Create an order for a certificate issuance process, specifying the necessary information for the certificate authority to issue a certificate.