Certificate Renew
The certificate_renew
endpoint of the CA API allows you to request a new, signed
certificate by presenting a certificate that was signed previously by the CA.
If the certificate-authority.allow-auto-renewal
configuration is set to true
, and the certificate
presented is valid and was signed by the CA, a new signed certificate will be returned in PEM format
that is valid for the period set in the certificate-authority.auto-renewal-cert-ttl
configuration setting.
POST /puppet-ca/v1/certificate_renew
Content-Type: text/plain
Supported HTTP Methods
POST
Supported Response Formats
text/plain
The returned certificate is always in the PEM format.
Parameters
None
Responses
Certificate renewed
POST /puppet-ca/v1/certificate_renew
HTTP 200 OK
Content-Type: text/plain
-----BEGIN CERTIFICATE-----
MIIGKDCCBBCgAwIBAgIBBTANBgkqhkiG9w0BAQsFADBHMUUwQwYDVQQDDDxQdXBw
ZXQgRW50ZXJwcmlzZSBDQSBnZW5lcmF0ZWQgYXQgKzIwMjMtMDUtMzAgMjE6NTQ6
MTcgKzAwMDAwHhcNMjMwNTMwMjIzMDI0WhcNMjMwNzMwMjIzMDI0WjAtMSswKQYD
VQQDDCJncmV5LWNoaWxpLmRlbGl2ZXJ5LnB1cHBldGxhYnMubmV0MIICIjANBgkq
hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAqzhxTRwS2gqJqaX8sALVcrIGN2RFjdmx
Etb6gpV6+R1oQukk4PHrqMzwu96n/jlPdefc+YYiQEHRlZUDpqEFFLQibdBifD20
pOK3AvNFyczy13zxG3cvSNnARQI6skPWmwa+d0pKynB7KqKZANkbZf19cnUZ961p
iZhVQsiS6iFuZaagrQb3k5WCvblN6brbRva7l9ObLf0RP19FeYRbVFlPbLFeKpqQ
U7eXQYN07gQQEhMaR1wPb7HCQv6xa/ysDAGmlFVe763xDW3NR+Otnkf29zdny3QC
y2Vs/RIPHIwV6lxeoC/zNXBWxBRvChMMX5V9/+k27q7o2NPC/ruG/Lzb/pBJk/Qz
utlWWw3z2KpYkPzIUBuNGVuawX5KY8Stda4DUlGhap7v97uuzpsu6OksyfCvuVZK
ITVzmJqA27I2nIXvf2LK7lVB/JUSGYzKIgOV+G6eqzsjGoAhUryl/AWR3pujiFoK
hjYH0yF7LqadfEQP8nXR2NYlC+sN/8GqqBvjZyA8smpMYD2W3hyi4/waIv0RNwKL
ChCJN5nFKSveNR6yB24sS7p3xq1z+bBPQUY/soA+aAfveLzhCjj+UrllNa1TroBQ
otZRWpVLgAdeeQqYy2513T7Ka5Jpqvm3vYbhqb0DsdExTdKeHS3uC3CVd7jpEBT9
S0mRanOW4iMCAwEAAaOCATcwggEzMB0GA1UdDgQWBBRHEZkAXqy+GTWobU1bzAhS
Qyl8uTBRBgNVHSMESjBIgBTjeOnlr2CLbx5TI+LR+waDhMRhgaEtpCswKTEnMCUG
A1UEAwweUHVwcGV0IFJvb3QgQ0E6IGM1MjRiNGJiMTM2MWNkggECMDEGCWCGSAGG
+EIBDQQkFiJQdXBwZXQgU2VydmVyIEludGVybmFsIENlcnRpZmljYXRlMBUGCysG
AQQBgoxMAQMnBAYMBHRydWUwNQYDVR0RBC4wLIIiZ3JleS1jaGlsaS5kZWxpdmVy
eS5wdXBwZXRsYWJzLm5ldIIGcHVwcGV0MAwGA1UdEwEB/wQCMAAwIAYDVR0lAQH/
BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA4GA1UdDwEB/wQEAwIFoDANBgkqhkiG
9w0BAQsFAAOCAgEAhojlY4jtOsbVw2vPBh+2nt9tzR4P+RoxkaEhjjjdfKOeNUVd
Nk8YkXpQ3J+ZFDNLiQUw8x8gwIY5QEOflrTRjwtsMJDc+ROUYvWIxx0P9d/Q8X1N
lIHNrksTiVYkmNHIbdAJ44zsIq0l/a498DIHUDW6LRpU2FHA++O/BL6wwjcnMLqN
R3YO1+GOktUNqpJq30b5ovIoTwXOmEZN+tZImzsp5XbAEwsMo1RKB5Y8SQOGJV+J
Au4rC/DVjpNeVoJ/ubcHfNRij+BXQBkc2kHzkvMOpy4m0tPna2XxZs9rBLeALWRI
QcL6nhSYJUBemrcbwZOGokf2G3SR5YkyGCJdC7Q8Eslc+HlMXthhOpupaDHfVZav
vNCf/LxwE9lOVr3JOFgcQ00bUwMJoEAhffH5cGrELre2BjoxbTPjEVEftKTRFAdt
VCw3NbQNmRsXsBjWhicrSzMjBZcQYRtThKTkQwKpYaOeNGbD4Qnn8dlf12TKKnH+
G44CxL2p3nazisOMgrLj4NNlPqVEDkCiUmu07TEL7WQNCyLRM3eF2SNAzf9o99ld
xo0rTRmXqKG4SYbcG8r8Eh4IkkKPcEjznInwqXpgh0pZv+rnbMKZhgeQ4qKrJ2Gh
51n6MCu+Ymbiu3aFfhWUOyNJ09EGh0XHdcsyUXkKf+QlMOOemNYk1U0Y4Rs=
-----END CERTIFICATE-----
Auto-renew not enabled
POST /puppet-ca/v1/certificate_renew
HTTP 404 Not Found
Content-Type: text/plain
Invalid certificate presented
POST /puppet-ca/v1/certificate_renew
HTTP 403 Forbidden
Content-Type: text/plain
No/malformed certificate presented
POST /puppet-ca/v1/certificate_renew
HTTP 400 Bad Request
Content-Type: text/plain