keyring_secret_generate_init

Sectech

Generates a new secret.

It initializes the secret generation process; the result can be obtained with the keyring_reconnect call.

Params

Either id or type must be defined, but not both.

attribute description
id*
string; ^[a-zA-Z][a-zA-Z0-9_]{0,127}$
The IDs of the secrets to populate with the generated data. If the ID already exists in the device, the secret will be updated. If the ID does not exist, a new secret will be created.
type*
'pkey_cert'|'cert_single'|'cert_chain'|'dhparam'|'remote_access'|'ssh_private'|'uftp'|'psk'|'openvpn'
The secret type

note
^[^"`\\$;]{0,42}$
User description of the secret. It can only be specified when creating a new secret, that is when id is not defined.
params
dhparam|pkey_cert|cert_single
Extra parameters needed for generating depending on type

cert_single

attribute description
id*
string
The ID of an existing pkey_cert to use for generating. If a Certification Authority (CA) is configured and enabled in the system, it will be used to sign the certificate.
modifier
'openvpn_client'|'openvpn_server'
The modifier to use when generating

dhparam

attribute description
group*
'Generate'|'ffdhe2048'|'ffdhe3072'|'ffdhe4096'|'ffdhe6144'|'ffdhe8192'
Indicates the Diffie-Hellman group to use

cert_chain

attribute description
id*
string
The ID of an existing pkey_cert to use for generating.

psk

attribute description
length*
unsigned integer
The secret length in bytes (not bits)
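
The parameter rules above can be checked on the client before the call is sent. The following is an added example, not code from the product: `validate_request` and its error strings are hypothetical, and it assumes `params` is a flat JSON object carrying the per-type attributes listed above.

```python
import re

# Patterns and enumerations copied from the parameter tables on this page.
ID_RE = re.compile(r'[a-zA-Z][a-zA-Z0-9_]{0,127}')
NOTE_RE = re.compile(r'[^"`\\$;]{0,42}')
TYPES = {'pkey_cert', 'cert_single', 'cert_chain', 'dhparam', 'remote_access',
         'ssh_private', 'uftp', 'psk', 'openvpn'}
GROUPS = {'Generate', 'ffdhe2048', 'ffdhe3072', 'ffdhe4096', 'ffdhe6144',
          'ffdhe8192'}
MODIFIERS = {'openvpn_client', 'openvpn_server'}


def _matches(value, pattern):
    # fullmatch: Python's "$" would otherwise accept a trailing newline.
    return isinstance(value, str) and pattern.fullmatch(value) is not None


def _one_of(value, allowed):
    return isinstance(value, str) and value in allowed


def validate_request(req):
    """Return a list of problems; an empty list means req matches the tables."""
    errors = []
    has_id, has_type = 'id' in req, 'type' in req
    if has_id == has_type:
        errors.append('exactly one of id or type must be defined')
    if has_id and not _matches(req['id'], ID_RE):
        errors.append('id does not match the documented pattern')
    if has_type and not _one_of(req['type'], TYPES):
        errors.append('type is not a documented value')
    if 'note' in req:
        if has_id:
            errors.append('note is only allowed when id is not defined')
        if not _matches(req['note'], NOTE_RE):
            errors.append('note does not match the documented pattern')
    # Assumption: "params" is a flat object holding the per-type attributes.
    params = req.get('params') if isinstance(req.get('params'), dict) else {}
    kind = req.get('type')
    if kind == 'dhparam' and not _one_of(params.get('group'), GROUPS):
        errors.append('params.group is not a documented group')
    if kind == 'psk':
        length = params.get('length')
        if isinstance(length, bool) or not isinstance(length, int) or length < 0:
            errors.append('params.length must be an unsigned integer (bytes)')
    if kind in ('cert_single', 'cert_chain') and not isinstance(params.get('id'), str):
        errors.append('params.id must be the ID of an existing pkey_cert')
    if kind == 'cert_single' and 'modifier' in params \
            and not _one_of(params['modifier'], MODIFIERS):
        errors.append('params.modifier is not a documented value')
    return errors
```
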

Return

attribute description
delay*
unsigned int
Indicates in how many seconds the client should attempt to reestablish the connection. The value must be lower than timeout.
interval*
unsigned int
The interval in seconds between attempts to reconnect after the initial delay
interval_increase*
unsigned int
By how many seconds the interval between attempts should increase
timeout*
unsigned int
Indicates after how many seconds attempts to reestablish the connection should be given up. It is measured from the moment the response to this call was received by the client. Its value must be greater than delay.
session_id*
string
The session ID to be used when reconnecting

Example

{
    "delay": 18,
    "interval": 2,
    "interval_increase": 3,
    "timeout": 60,
    "session_id": "GSHGPX"
}