Use this endpoint to get information about an SSH key.
```bash
curl --location --request POST 'https://daas.digicert.com/apicontroller/v1/key/getKeyDetails' \
--header 'X-DC-DEVKEY: {{api_key}}' \
--header 'Content-Type: application/json' \
--data-raw '{
  "ip": "10.100.33.105",
  "port": 22,
  "accountId": 5153289,
  "divisionId": 678010,
  "keyName": "1573175425789f5639e63ec2766ccdd6",
  "scanName": null
}'
```
```json
{
  "error": null,
  "data": {
    "securityLevel": "Not secure",
    "ip": "10.100.33.105",
    "port": 22,
    "type": "SSH",
    "supportedAuthMethods": ["gssapi-keyex", "gssapi-with-mic", "publickey"],
    "algorithm": "SSH RSA 2048",
    "protocol": "SSH2",
    "duplicates": true,
    "rotationElapsed": false,
    "firstDiscovered": 1626943436385,
    "createdDate": 1650442456390,
    "filePath": "/home/cwsadmin/19Apr2022_agent3.0/test/keycert3.pem",
    "isRootKey": false,
    "isOrphanKey": false,
    "source": "Agent",
    "lastDiscovered": 1650442456390,
    "serverHost": "19Apr2022",
    "isProtectedKey": false
  }
}
```
Name | Req/Opt | Type | Description |
---|---|---|---|
ip | required | string | IP address related to the key. |
port | required | integer | Default SSH-enabled port. Default value: 22 |
accountId | required | string | Account ID. |
divisionId | required | integer | Division ID. |
keyName | required | string | Name of the key. |
scanName | required | string | Name of the scan. |
Name | Type | Description |
---|---|---|
error | object | Includes the error code, if any. |
data | object | Object container for response. |
.. securityLevel | string | Security status of the key. Possible values: Secure, Not secure |
.. ip | string | IP address related to the key. |
.. port | integer | Most SSH configurations use the default port 22. |
.. type | string | Type of the key. Possible values: SSH |
.. supportedAuthMethods | array | List of methods configured on your server for authenticating the SSH key. Possible values: gssapi-keyex, gssapi-with-mic, hostbased, keyboard-interactive, password, publickey, unavailable |
.. algorithm | string | Hashing algorithm and key size (or length) in bits of the SSH key. Possible values: ECDSA SHA2 NISTP256 256, RSA1 1024, RSA1 2048, SSH DSS 1024, SSH RSA 1024, SSH ED25519 256, SSH RSA 2048, SSH RSA 3072, SSH RSA 4096 |
.. protocol | string | Protocol used to set up an encrypted connection between the systems to communicate over the internet. Possible values: SSH1, SSH2 |
.. duplicates | boolean | If true, the key has duplicates; otherwise, false. |
.. rotationElapsed | boolean | If true, the timeframe for rotating the key has elapsed, and the key should be replaced. Otherwise, false. |
.. firstDiscovered | integer | Timestamp for when the key was first discovered. Format: epoch in milliseconds. Epoch corresponds to 0 hours, 0 minutes, and 0 seconds (00:00:00) Coordinated Universal Time (UTC) on a specific date, which varies from system to system. Example: 1596781119000 |
.. createdDate | integer | Date and time when the key was created. Format: epoch in milliseconds. Example: 1598299200000 |
.. filePath | string | File path of the key. Values are comma-separated. |
.. isRootKey | boolean | Whether it is a root key. |
.. isOrphanKey | boolean | Whether it is an orphan key. A key is orphaned when it cannot be used further because the pair is no longer on the server. |
.. source | string | The source used to identify the key. Possible values: Agent, Sensor |
.. lastDiscovered | integer | Date the key was last found by CertCentral Discovery scan. |
.. serverHost | string | Server host associated with the key. |
.. isProtectedKey | boolean | Whether it is a protected key. |
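
The following is an added example, not DigiCert code: a Python triage function that turns one getKeyDetails response into a list of findings and converts the epoch-millisecond timestamps to UTC dates. The `MIN_BITS` thresholds, the password-authentication check, and the names `triage`, `ms_to_utc` and `FLAGS` are assumptions chosen for illustration; the sample input is constructed from the response shown above.

```python
import json
from datetime import datetime, timezone

# Constructed sample: the response shown above, trimmed to the fields used here.
SAMPLE = json.loads("""{"error": null, "data": {"securityLevel": "Not secure",
  "ip": "10.100.33.105", "port": 22, "algorithm": "SSH RSA 2048", "protocol": "SSH2",
  "supportedAuthMethods": ["gssapi-keyex", "gssapi-with-mic", "publickey"],
  "duplicates": true, "rotationElapsed": false, "isOrphanKey": false,
  "firstDiscovered": 1626943436385, "lastDiscovered": 1650442456390}}""")

# Assumption: local policy thresholds, not DigiCert's own scoring rules.
MIN_BITS = {"RSA": 2048, "DSS": 2048}
FLAGS = {"duplicates": "key has duplicates",
         "rotationElapsed": "rotation timeframe elapsed",
         "isOrphanKey": "orphan key"}


def ms_to_utc(ms):
    """Convert the API's epoch-millisecond timestamps to an aware UTC datetime."""
    return datetime.fromtimestamp(ms / 1000, tz=timezone.utc)


def triage(resp):
    """Summarise one getKeyDetails response as host, sighting dates and findings."""
    if resp.get("error"):
        raise ValueError(f"API returned an error: {resp['error']}")
    d = resp["data"]
    findings = []
    if d.get("securityLevel") != "Secure":
        findings.append(f"securityLevel={d.get('securityLevel')}")
    if d.get("protocol") == "SSH1":
        findings.append("obsolete protocol SSH1")
    # The algorithm value ends with the key size in bits, e.g. "SSH RSA 2048".
    parts = (d.get("algorithm") or "").split()
    if parts and parts[-1].isdigit():
        for family, minimum in MIN_BITS.items():
            if any(p.startswith(family) for p in parts[:-1]) and int(parts[-1]) < minimum:
                findings.append(f"weak key: {d['algorithm']}")
    if "password" in (d.get("supportedAuthMethods") or []):
        findings.append("server accepts password authentication")
    findings += [msg for flag, msg in FLAGS.items() if d.get(flag)]
    return {"host": f"{d['ip']}:{d['port']}",
            "first_seen": ms_to_utc(d["firstDiscovered"]).strftime("%Y-%m-%d"),
            "last_seen": ms_to_utc(d["lastDiscovered"]).strftime("%Y-%m-%d"),
            "findings": findings}


if __name__ == "__main__":
    print(json.dumps(triage(SAMPLE), indent=2))
```
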