Get key details
3 minute read
POST
Use this endpoint to get information about an SSH key.https://daas.digicert.com/apicontroller/v1/key/getKeyDetails
Example requests and responses
cURL
curl --location --request POST 'https://daas.digicert.com/apicontroller/v1/key/getKeyDetails' \
--header 'X-DC-DEVKEY: {{api_key}}' \
--header 'Content-Type: application/json' \
--data-raw ' {
"ip": "10.100.33.105",
"port": 22,
"accountId": 5153289,
"divisionId": 678010,
"keyName": "1573175425789f5639e63ec2766ccdd6",
"scanName": null
}'
200 OK
{
"error": null,
"data": {
"securityLevel": "Not secure",
"ip": "10.100.33.105",
"port": 22,
"type": "SSH",
"supportedAuthMethods": ["gssapi-keyex", "gssapi-with-mic", "publickey"],
"algorithm": "SSH RSA 2048",
"protocol": "SSH2",
"duplicates": true,
"rotationElapsed": false,
"firstDiscovered": 1626943436385,
"createdDate": 1650442456390,
"filePath":"/home/cwsadmin/19Apr2022_agent3.0/test/keycert3.pem",
"isRootKey": false,
"isOrphanKey": false,
"source": "Agent",
"lastDiscovered": 1650442456390,
"serverHost": "19Apr2022",
"isProtectedKey": false
}
}
Request parameters
| Name | Req/Opt | Type | Description |
|---|---|---|---|
| ip | required | string | IP address related to the key. |
| port | required | integer | Default SSH enabled port . Default value: 22 |
| accountId | required | string | Account ID. |
| divisionId | required | integer | Division ID. |
| keyName | required | string | Name of the key. |
| scanName | required | string | Name of the scan. |
Response parameters
| Name | Type | Description |
|---|---|---|
| error | object | Includes the error code, if any. |
| data | object | Object container for response. |
| .. securityLevel | string | Security status of the key. Possible values: Secure, Not secure |
| .. ip | string | IP address related to the key. |
| .. port | integer | Most SSH configurations use the default port 22. |
| .. type | string | Type of the key. Possible values: SSH |
| .. supportedAuthMethods | array | List of methods configured on your server for authenticating the SSH key. Possible values: gssapi-keyex, gssapi-with-mic, hostbased, keyboard-interactive, password, publickey, unavailable |
| .. algorithm | string | Hashing algorithm and keysize (or length) in bits of the SSH key. Possible values: ECDSA SHA2 NISTP256 256, RSA1 1024, RSA1 2048, SSH DSS 1024, SSH RSA 1024, SSH ED25519 256, SSH RSA 2048, SSH RSA 3072, SSH RSA 4096. |
| … protocol | string | Protocol used to set up an encrypted connection between the systems to communicate over the internet. Possible values: SSH1, SSH2. |
| .. duplicates | boolean | If true, the key has duplicates, otherwise, false. |
| .. rotationElapsed | boolean | If true, the timeframe for rotating the key has elapsed, and the key should be replaced. Otherwise, false. |
| .. firstDiscovered | integer | Timestamp for when the key was first discovered. **Format:**epoch in millisecond. Epoch corresponds to 0 hours, 0 minutes, and 0 seconds (00:00:00) Coordinated Universal Time (UTC) on a specific date, which varies from system to system. Example: 1596781119000 |
| .. createdDate | integer | Date and time when the key was created. **Format:**epoch in millisecond. Example: 1598299200000 |
| .. filePath | string | File path of the key. Values are comma-separated. |
| .. isRootKey | boolean | Whether it is a root key. |
| .. isOrphanKey | boolean | Whether it is an orphan key. A key is orphaned when it cannot be used further because the pair is no longer on the server. |
| .. source | string | The source used to identify the key. Possible values: Agent, Sensor. |
| .. lastDiscovered | integer | Date the key was last found by CertCentral Discovery scan. |
| .. serverHost | string | Server host associated with the key. |
| .. isProtectedKey | boolean | Whether it is a protected key. |
Was this page helpful?
Provide feedback