Use this endpoint to get a list with details about your SSH keys.
For more information about SSH keys and how to discover SSH keys configured on your server, see SSH keys.
```bash
curl --location --request POST 'https://daas.digicert.com/apicontroller/v1/key/list' \
--header 'X-DC-DEVKEY: {{api_key}}' \
--header 'Content-Type: application/json' \
--data-raw '{
  "accountId": 5153184,
  "searchCriteriaList": [{
    "key": "keyName",
    "operation": "EQUALS",
    "value": ["f83d1b65a899a602c5c026beb32f21fd119b5976b34c16fb27496b5d68f3405a"]
  }, {
    "key": "keyIp",
    "operation": "EQUALS",
    "value": ""
  }, {
    "key": "keyPath",
    "operation": "EQUALS",
    "value": "C:\\Certbotold1\\archive\\17feb202001.cert-testing.com\\privkey10.pem"
  }],
  "divisionIds": [],
  "isDuplicateKeyList": true,
  "startIndex": 1,
  "pageSize": 50,
  "filterSelected": "keyName",
  "sortedColumnId": "ip",
  "sortOrder": "ASC"
}'
```
```json
{
  "error": null,
  "data": {
    "totalCount": 1,
    "currentCount": 1,
    "totalKeys": 0,
    "keyDetailsList": [{
      "keyName": null,
      "securityLevel": "Not secure",
      "ip": "",
      "port": null,
      "type": "RSA",
      "firstDiscovered": 1650259868203,
      "duplicateCount": null,
      "scanName": "",
      "protocol": null,
      "filePath": "C:\\Certbotold1\\keys\\0049_key-certbot.pem",
      "isRootKey": null,
      "isOrphanKey": null,
      "source": null,
      "serverHost": "Box64",
      "isProtectedKey": null
    }]
  }
}
```
Name | Req/Opt | Type | Description |
---|---|---|---|
accountId | required | string | Account ID. |
searchCriteriaList | optional | array | Filter results by specified values. The array includes key, operation and value. For definitions, see the Filter options for searchCriteriaList table below. Example: searchCriteriaList:[{"key":"userName","operation":"EQUALS","value":["CertCentral Admin"]}] |
divisionIds | required | array | User's division IDs. |
startIndex | optional | integer | Index of the first result. Default: 1 |
pageSize | optional | integer | Number of records per page. Allowed values: 0 to 512. Default: 50 |
filterSelected | required | string | The value to show in the results for each sensor that meets the search criteria. Allowed values: name, ip, port, type, scanName, authenticationMethods, keyAlgorithm, protocol, duplicateKeys, userName, source, filePath, serverHost, orphanKeys |
isDuplicateKeyList | required | boolean | Whether any duplicate keys exist. Default: true |
sortedColumnId | optional | string | Sort results by specified parameter. Allowed values: serialNumber, ip, port, scanName, serverSecurity, isCertPresent, cn. Default: ip |
sortOrder | optional | string | Sort direction. Allowed values: DESC (descending: 9-0, Z-A), ASC (ascending: 0-9, A-Z). Default: DESC |
Name | Type | Description |
---|---|---|
error | object | Includes error codes, if any. |
data | object | Object with information about the filter results. |
.. totalCount | integer | Total number of keys based on the filter criteria. |
.. currentCount | integer | Number of records on the current page. |
.. keyDetailsList | array | Container for key details. |
.. .. keyName | string | Key name. Max length: 80 characters. |
.. .. securityLevel | string | Security status of the key. Possible values: Secure, Not secure |
.. .. ip | string | IP address related to the key. |
.. .. port | integer | Default SSH enabled port. |
.. .. type | string | Type of the key. Possible values: SSH |
.. .. firstDiscovered | integer | Timestamp for when the key was first discovered. Format: epoch in milliseconds. Epoch corresponds to 0 hours, 0 minutes, and 0 seconds (00:00:00) Coordinated Universal Time (UTC) on a specific date, which varies from system to system. Example: 1596781119000 |
.. .. duplicateCount | integer | Number of duplicates detected for the key. |
.. .. scanName | string | Scan associated with the key. |
.. .. protocol | string | Protocol used to set up an encrypted connection between the systems to communicate over the internet. Possible values: SSH1, SSH2 |
.. .. filePath | string | The file path where the key was discovered. |
.. .. isRootKey | boolean | Whether it is a type of root key. |
.. .. isOrphanKey | boolean | Whether it is an orphan key. A key is orphaned when it cannot be used further because the pair is no longer on the server. |
.. .. source | string | The source used to identify the key. Possible values: Agent, Sensor |
.. .. serverHost | string | The server host associated with the key. |
.. .. isProtectedKey | boolean | Whether it is a protected key. |
The array includes key, operation and value.
Key | Operation | Value |
---|---|---|
userName | EQUALS | CertCentral Admin, system |
keyName | EQUALS | Key name |
ip | EQUALS | IP address |
keyPath | EQUALS | Path to the key |
port | EQUALS | 22 |
authenticationMethods | EQUALS | gssapi-keyex, gssapi-with-mic, hostbased, keyboard-interactive, password, publickey, unavailable |
duplicateKeys | EQUALS | No, Yes |
type | EQUALS | SSH |
rotationLimit | EQUALS | 6 months, 9 months, 1 year, 2 years |
keyAlgorithm | EQUALS | ECDSA SHA2 NISTP256 256, RSA1 1024, RSA1 2048, SSH DSS 1024, SSH RSA 1024, SSH ED25519, SSH RSA 2048, SSH RSA 3072, SSH RSA 4096, DSA 1024, DSA 512, DSA 8192 |
protocol | EQUALS | SSH1, SSH2 |
scanName | EQUALS | Scan name |
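The request and response described above can be driven from a script that enforces the documented parameter limits and triages the result for keys reported as "Not secure". This is an added example, not DigiCert's code: the function names are hypothetical, and every sample entry other than the first is constructed.

```python
import json
import urllib.request
from datetime import datetime, timezone

API_URL = "https://daas.digicert.com/apicontroller/v1/key/list"  # from this page

def build_key_list_body(account_id, filter_selected, criteria=None, division_ids=None,
                        start_index=1, page_size=50, sort_order="DESC", duplicates=True):
    """Build the request body, enforcing the limits in the request table."""
    if not 0 <= page_size <= 512:
        raise ValueError("pageSize must be between 0 and 512")
    if sort_order not in ("ASC", "DESC"):
        raise ValueError("sortOrder must be ASC or DESC")
    search = [{"key": k, "operation": "EQUALS", "value": v}
              for k, v in (criteria or {}).items()]
    return {"accountId": account_id, "searchCriteriaList": search,
            "divisionIds": division_ids or [], "isDuplicateKeyList": duplicates,
            "startIndex": start_index, "pageSize": page_size,
            "filterSelected": filter_selected, "sortOrder": sort_order}

def post_key_list(api_key, body):
    """Send the request; needs network access and a valid API key."""
    req = urllib.request.Request(
        API_URL, data=json.dumps(body).encode(), method="POST",
        headers={"X-DC-DEVKEY": api_key, "Content-Type": "application/json"})
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)

def insecure_keys(response):
    """Return the 'Not secure' keys from a response, oldest discovery first."""
    if response.get("error"):
        raise RuntimeError(f"API error: {response['error']}")
    keys = (response.get("data") or {}).get("keyDetailsList") or []
    flagged = [k for k in keys if k.get("securityLevel") == "Not secure"]
    flagged.sort(key=lambda k: k.get("firstDiscovered") or 0)
    out = []
    for k in flagged:
        ms = k.get("firstDiscovered")  # epoch milliseconds; may be null
        seen = None if ms is None else datetime.fromtimestamp(
            ms / 1000, tz=timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")
        out.append({"host": k.get("serverHost"), "path": k.get("filePath"),
                    "type": k.get("type"), "firstDiscovered": seen})
    return out

# Constructed sample: first entry mirrors this page's response, the rest are made up.
SAMPLE = {"error": None, "data": {"totalCount": 3, "currentCount": 3, "keyDetailsList": [
    {"securityLevel": "Not secure", "type": "RSA", "firstDiscovered": 1650259868203,
     "filePath": "C:\\Certbotold1\\keys\\0049_key-certbot.pem", "serverHost": "Box64"},
    {"securityLevel": "Secure", "serverHost": "host-a", "filePath": "/constructed/a"},
    {"securityLevel": "Not secure", "firstDiscovered": 1596781119000, "serverHost": "host-b"}]}}
```

Fields such as `filePath`, `type` and `firstDiscovered` can be null or absent in a response, so `insecure_keys` reads them with `.get()` and reports `None` instead of failing.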