Skip to main content
Version: 2.6.9

πŸ”— API Endpoints

The SecTrail CM API provides various endpoints to automate your certificate management operations. For detailed documentation of all endpoints, you can use the Swagger interface:

https://your-sectrailcm-server/documentation

Primary Use Cases​

1. Certificate Signing​

You can perform certificate signing operations in various formats through the API:

Supported Signing Types:

  • CSR (Certificate Signing Request) signing
  • Self-Signed certificate creation
  • Template-based certificate generation
  • JKS (Java KeyStore) format certificate creation

Endpoint:

POST /api/generate
info

For certificate signing operations, the operation type is determined using the requestType parameter. Please review the Swagger documentation for a detailed parameter list.

2. Certificate Upload and Distribution​

You can automatically distribute your certificates to target servers and devices through the API:

Features:

  • Distribution to multiple target devices (F5, Apache, Nginx, IIS, etc.)
  • Virtual host-based distribution
  • Scheduled distribution support
  • Retry mechanism for failed distributions
  • Distribution status querying and monitoring

Endpoint:

POST /api/deployment

3. Discovery List Management​

You can manage your discovery lists in bulk through the API:

Features:

  • Discovery list creation
  • Bulk domain/IP addition
  • Querying discovery results
  • Scheduling discovery plans

Endpoint:

POST /api/discoverList

4. Certificate Inventory​

You can query certificates in the inventory and retrieve their information:

Features:

  • Retrieving bulk certificate list
  • Viewing certificate details
  • Querying certificate status

Endpoint:

POST /api/getCertificates

API Usage Examples​

Authentication​

You must use an authentication token in all API requests:

curl -X POST https://your-sectrailcm-server/api/endpoint \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"key": "value"}'

Error Handling​

The API uses standard HTTP status codes:

  • 200 OK - Request successful
  • 201 Created - Resource created
  • 400 Bad Request - Invalid request
  • 401 Unauthorized - Authentication error
  • 403 Forbidden - Authorization error
  • 404 Not Found - Resource not found
  • 500 Internal Server Error - Server error

Swagger Documentation​

Use the Swagger interface for detailed descriptions of all endpoints, parameter definitions, and example request/response structures:

https://your-sectrailcm-server/documentation

Through the Swagger interface, you can:

  • Explore all endpoints
  • View request/response schemas
  • Test API calls interactively
tip

You can use the "Try it out" feature in the Swagger documentation to test your API calls directly and see the results.