Add Certificate Settings for Prisma Cloud Compute

POST /api/v32.04/settings/certs

x-prisma-cloud-target-env: {"permission":"manageDefenders","saas":false,"self-hosted":true}
x-public: true

Adds or deletes Subject Alternative Name(s) (SANs) in Prisma Cloud Compute's certificate. Defenders use these names to connect to Prisma Cloud Compute.

SANs are set in a single shot. You should first retrieve the list of SANs with the GET method. Then add or remove entries from the consoleSAN array, and post the updated JSON object.

For more information, see Certificates.

cURL Request

Refer to the following example cURL request that uses basic auth to add node-01.example.com to the subjectAltName field in the certificate:

curl -k \
  -u <USER> \
  -H 'Content-Type: application/json' \
  -w "\nResponse code: %{http_code}\n" \
  -X POST \
  -d '
  {
    "consoleSAN": [
      "10.240.0.34",
      "172.17.0.1",
      "ian-23.c.cto-sandbox.internal",
      "127.0.0.1",
      "node-01.example.com"
    ]
  }' \
  "https://<CONSOLE>/api/v<VERSION>/settings/certs"

Request

application/json

Body

caExpiration date-time

CAExpiration holds the expiration date of the CA cert.

consoleSAN string (string)[]

ConsoleSAN if specified, use this list as the SAN for the console server certificate. Used for websocket and API.

defenderOldCAExpiration date-time

DefenderOldCAExpiration holds the expiration time of the defender old CA cert.

Responses

200
default

Add Certificate Settings for Prisma Cloud Compute

/api/v32.04/settings/certs

cURL Request​

Request​

Body

Responses​

cURL Request

Request

Responses