Use this endpoint to get information about an SSH key.
curl --location --request POST 'https://daas.digicert.com/apicontroller/v1/key/getKeyDetails' \
--header 'X-DC-DEVKEY: {{api_key}}' \
--header 'Content-Type: application/json' \
--data-raw ' {
"ip": "10.100.33.105",
"port": 22,
"accountId": 5153289,
"divisionId": 678010,
"keyName": "1573175425789f5639e63ec2766ccdd6",
"scanName": null
}'{
"error": null,
"data": {
"securityLevel": "Not secure",
"ip": "10.100.33.105",
"port": 22,
"type": "SSH",
"supportedAuthMethods": ["gssapi-keyex", "gssapi-with-mic", "publickey"],
"algorithm": "SSH RSA 2048",
"protocol": "SSH2",
"duplicates": true,
"rotationElapsed": false,
"firstDiscovered": 1626943436385,
"createdDate": 1650442456390,
"filePath":"/home/cwsadmin/19Apr2022_agent3.0/test/keycert3.pem",
"isRootKey": false,
"isOrphanKey": false,
"source": "Agent",
"lastDiscovered": 1650442456390,
"serverHost": "19Apr2022",
"isProtectedKey": false
}
}| Name | Req/Opt | Type | Description |
|---|---|---|---|
| ip | required | string | IP address related to the key. |
| port | required | integer |
Default SSH enabled port . Default value : 22
|
| accountId | required | string | Account ID. |
| divisionId | required | integer | Division ID. |
| keyName | required | string | Name of the key. |
| scanName | required | string | Name of the scan. |
| Name | Type | Description |
|---|---|---|
| error | object | Includes the error code, if any. |
| data | object | Object container for response. |
| .. securityLevel | string |
Security status of the key. Possible values: Secure, Not secure
|
| .. ip | string | IP address related to the key. |
| .. port | integer | Most SSH configurations use the default port 22. |
| .. type | string |
Type of the key. Possible values: SSH
|
| .. supportedAuthMethods | array |
List of methods configured on your server for authenticating the SSH key. Possible values: gssapi-keyex, gssapi-with-mic, hostbased, keyboard-interactive, password, publickey, unavailable
|
| .. algorithm | string |
Hashing althorithim and keysize (or length) in bits of the SSH key. Possible values: ECDSA SHA2 NISTP256 256, RSA1 1024, RSA1 2048, SSH DSS 1024, SSH RSA 1024, SSH ED25519 256, SSH RSA 2048, SSH RSA 3072, SSH RSA 4096.
|
| … protocol | string |
Protocol used to set up an encrypted connection between the systems to communicate over the internet. Possible values: SSH1, SSH2.
|
| .. duplicates | boolean |
If true, the key has duplicates, otherwise, false.
|
| .. rotationElapsed | boolean |
If true, the timeframe for rotating the key has elapsed, and the key should be replaced. Otherwise, false.
|
| .. firstDiscovered | integer |
Timestamp for when the key was first discovered. Format: epoch in millisecond. Epoch corresponds to 0 hours, 0 minutes, and 0 seconds (00:00:00) Coordinated Universal Time (UTC) on a specific date, which varies from system to system. Example: 1596781119000
|
| .. createdDate | integer |
Date and time when the key was created. Format: epoch in milliseconds. Example: 1598299200000
|
| .. filePath | string |
File path of the key. Values are comma-separated. |
| .. isRootKey | boolean | Whether it is a root key. |
| .. isOrphanKey | boolean |
Whether it is an orphan key. A key is orphaned when it cannot be used further because the pair is no longer on the server. |
| … source | string |
The source used to identify the key. Possible values: Agent,Sensor
|
| .. lastDiscovered | integer | Date the key was last found by CertCentral Discovery scan. |
| .. serverHost | string | Server host associated with the key. |
| .. isProtectedKey | boolean | Whether it is a protected key. |