List keys

POST https://daas.digicert.com/apicontroller/v1/key/list

Use this endpoint to get a list with details about your SSH keys.

Related topic

For more information about SSH keys and how to discover SSH keys configured on your server, see SSH keys.

Request parameters

| Name | Req/Opt | Type | Description |
| --- | --- | --- | --- |
| accountId | required | string | Account ID. |
| searchCriteriaList | optional | array | Filter results by specified values. The array includes key, operation and value. For definitions, see the Filter options for searchCriteriaList table below. Example: `searchCriteriaList:[{"key":"userName","operation":"EQUALS","value":["CertCentral Admin"]}]` |
| divisionIds | required | array | User's division IDs. |
| startIndex | optional | integer | Index of the first result. Default: 1 |
| pageSize | optional | integer | Number of records per page. Allowed values: 0 to 512. Default: 50 |
| filterSelected | required | string | The value to show in the results for each sensor that meets the search criteria. Allowed values: name, ip, port, type, scanName, authenticationMethods, keyAlgorithm, protocol, duplicateKeys, userName, source, filePath, serverHost, orphanKeys |
| isDuplicateKeyList | required | boolean | Whether any duplicate keys exist. Default: true |
| sortedColumnId | optional | string | Sort results by specified parameter. Allowed values: serialNumber, ip, port, scanName, serverSecurity, isCertPresent, cn. Default: ip |
| sortOrder | optional | string | Sort direction. Allowed values: DESC (descending: 9-0, Z-A), ASC (ascending: 0-9, A-Z). Default: DESC |

Response parameters

| Name | Type | Description |
| --- | --- | --- |
| error | object | Includes error codes, if any. |
| data | object | Object with information about the filter results. |
| .. totalCount | integer | Total number of keys based on the filter criteria. |
| .. currentCount | integer | Number of records on current page. |
| .. keydetailList | array | Container for key details. |
| .. .. keyName | string | Key name. Max length: 80 characters. |
| .. .. securityLevel | string | Security status of the key. Possible values: Secure, Not secure |
| .. .. ip | string | IP address related to the key. |
| .. .. port | integer | Default SSH enabled port. |
| .. .. type | string | Type of the key. Possible values: SSH |
| .. .. firstDiscovered | integer | Timestamp for when the key was first discovered. Format: epoch in milliseconds. Epoch corresponds to 0 hours, 0 minutes, and 0 seconds (00:00:00) Coordinated Universal Time (UTC) on a specific date, which varies from system to system. Example: 1596781119000 |
| .. .. duplicateCount | integer | Number of duplicates detected for the key. |
| .. .. scanName | string | Scan associated with the key. |
| .. .. protocol | string | Protocol used to set up an encrypted connection between the systems to communicate over the internet. Possible values: SSH1, SSH2. |
| .. .. filepath | string | The file path from where the key is discovered. |
| .. .. isRootKey | boolean | Whether it is a type of root key. |
| .. .. isOrphanKey | boolean | Whether it is an orphan key. A key is orphaned when it cannot be used further because the pair is no longer on the server. |
| .. .. source | string | The source used to identify the key. Possible values: Agent, Sensor. |
| .. .. serverHost | string | The server host associated with the key. |
| .. .. isProtectedKey | boolean | Whether it is a protected key. |

Filter options for searchCriteriaList

The array includes key, operation and value.

| Key | Operation | Value |
| --- | --- | --- |
| userName | EQUALS | Cert Central Admin, system |
| keyName | EQUALS | Key name |
| ip | EQUALS | IP address |
| keyPath | EQUALS | Path to the key |
| port | EQUALS | 22 |
| authenticationMethods | EQUALS | gssapi-keyex, gssapi-with-mic, hostbased, keyboard-interactive, password, publickey, unavailable |
| duplicateKeys | EQUALS | No, Yes |
| type | EQUALS | SSH |
| rotationLimit | EQUALS | 6 months, 9 months, 1 year, 2 years |
| keyAlgorithm | EQUALS | ECDSA SHA2 NISTP256 256, RSA1 1024, RSA1 2048, SSH DSS 1024, SSH RSA 1024, SSH ED25519 256, SSH RSA 2048, SSH RSA 3072, SSH RSA 4096 |
| protocol | EQUALS | SSH1, SSH2 |
| scanName | EQUALS | Scan name |
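
The request and response parameters above, put to work in an added example (not DigiCert's code): it builds a request body that respects the documented limits, works out the next page, and picks out keys an inventory review would look at first (Not secure, SSH1, orphan, duplicated). The function names, host names and sample response are constructed for illustration; it assumes `startIndex` counts records and that `error` is empty or null on success, and it sends nothing over the network.

```python
from datetime import datetime, timezone

# Allowed filterSelected values, copied from the request parameter table.
FILTER_SELECTED = {"name", "ip", "port", "type", "scanName", "authenticationMethods",
                   "keyAlgorithm", "protocol", "duplicateKeys", "userName", "source",
                   "filePath", "serverHost", "orphanKeys"}

def build_list_request(account_id, division_ids, filter_selected, criteria=(),
                       start_index=1, page_size=50):
    """Validate against documented limits; isDuplicateKeyList keeps its documented default."""
    if filter_selected not in FILTER_SELECTED:
        raise ValueError(f"filterSelected not allowed: {filter_selected!r}")
    if not 0 <= page_size <= 512:
        raise ValueError("pageSize must be between 0 and 512")
    return {"accountId": account_id, "divisionIds": list(division_ids),
            "searchCriteriaList": [{"key": k, "operation": "EQUALS", "value": list(v)}
                                   for k, v in criteria],
            "startIndex": start_index, "pageSize": page_size,
            "filterSelected": filter_selected, "isDuplicateKeyList": True}

def next_start_index(request, response):
    """Assumes startIndex counts records; returns None after the last page."""
    data = response["data"]
    nxt = request["startIndex"] + data["currentCount"]
    return nxt if data["currentCount"] and nxt <= data["totalCount"] else None

def triage(response):
    """Return (keyName, serverHost, reasons, first seen UTC date) per key to review."""
    if response.get("error"):  # assumption: error is empty or null on success
        raise RuntimeError(f"API error: {response['error']}")
    findings = []
    for key in response["data"]["keydetailList"]:
        checks = [("not secure", key.get("securityLevel") == "Not secure"),
                  ("SSH1", key.get("protocol") == "SSH1"),
                  ("orphan", bool(key.get("isOrphanKey"))),
                  ("duplicated", key.get("duplicateCount", 0) > 0)]
        reasons = [name for name, hit in checks if hit]
        if reasons:
            seen = datetime.fromtimestamp(key["firstDiscovered"] / 1000, tz=timezone.utc).date()
            findings.append((key["keyName"], key.get("serverHost"), reasons, str(seen)))
    return findings

# Constructed sample response (not real output from the service).
SAMPLE = {"error": None, "data": {"totalCount": 3, "currentCount": 2, "keydetailList": [
    {"keyName": "legacy-backup", "securityLevel": "Not secure", "protocol": "SSH1",
     "isOrphanKey": True, "duplicateCount": 0, "serverHost": "host-a.example",
     "firstDiscovered": 1596781119000},
    {"keyName": "deploy", "securityLevel": "Secure", "protocol": "SSH2", "isOrphanKey": False,
     "duplicateCount": 0, "serverHost": "host-b.example", "firstDiscovered": 1596781119000}]}}
```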