Spal,
The restman call to create and update a trusted certificate are outlined below. Please note that the update requires the unique ID that can either be queried against the trusted certificates or you know the ID.
Create a Trusted Certificate:
HTTP Method: POST
URL: https://<FQDN or IP of the gateway>:8443/restman/1.0/trustedCertificates
Payload sample:
<l7:TrustedCertificate xmlns:l7="http://ns.l7tech.com/2010/04/gateway-management">
<l7:Name>supclient</l7:Name>
<l7:CertificateData>
<l7:Encoded>
MIIDBzCCAe+gAwIBAgIJAIFxQWJJSG6zMA0GCSqGSIb3DQEBDAUAMBAxDjAMBgNVBAMTBXN1cGNh
MB4XDTE4MTIyODE5MzA0MVoXDTIwMTIyNzE5MzA0MVowFDESMBAGA1UEAxMJc3VwY2xpZW50MIIB
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAplLLKxqSP6GnrNuSR1+3i1vmsfiLME2iKJlx
Kh4qF9sNacDAnemymE3YYxlwUva6DpZZwtAFEwnFBSqPfHtuzA8hJqaCfG6bt5pd8Jix2SCpCMA9
+Uu4MvxXk15l9ys0qDTBNUgLSceRQvFsO2/6aLdcLW3yfvcrTcFSuPOLcSC2aPL/BuFVfSzypV2w
wuRJ4sVsaamEh/y14wRK9etn/EPaGQUIa8NCVcZWMCIyAZCmPoqNtbSC6HTpFyOBJjbpzZ2hfKgl
60pqdwZ1IlulL6Qzko6C/8tVWeWK6yZ7FIVZwfImN7vGc/UQ9zUNccYkv+v8ovFqwHHSBUo1CS1a
6wIDAQABo2AwXjAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIF4DAdBgNVHQ4EFgQUuVHuBm5v
nEl4r3395reFyTBQ45QwHwYDVR0jBBgwFoAUzNmFRB6HC1W7QP14IlFuBkjcCbEwDQYJKoZIhvcN
AQEMBQADggEBAHBXD9QKlk6m/QEPQM+wvWi+ZGXP/KWzFnyggN2CI69sflNnCJZwe60FeNRhvTYt
nVOReRGfLv41TbLOuVIsDfWw2WFFDPM7iKlr+vBaXHkkLvYfQR7m/H+mWarn/NxH/8wunBhP1Hn+
kpJb4+dX+RKYwpn5r0XFGCTpXJ1S2CCjHSAv8EqbELa7AyhmbP2EqeeEWGVPSQqT9f1AiyfVhZzB
WTrb+mJk0ftvuOvYp5lPJ+9tT/fDPTViq4F33lU5uprw1tqq+AnYp1kEWdZmBMxoTbCYnR2EdcDN
7oIUP7WMWrTZlpGUurlGAB2u0FnUu7BXLQzvZBOhHRkcbt9RX8o=
</l7:Encoded>
</l7:CertificateData>
<l7:Properties>
<l7:Property key="revocationCheckingEnabled">
<l7:BooleanValue>true</l7:BooleanValue>
</l7:Property>
<l7:Property key="trustAnchor">
<l7:BooleanValue>true</l7:BooleanValue>
</l7:Property>
<l7:Property key="trustedAsSamlAttestingEntity">
<l7:BooleanValue>false</l7:BooleanValue>
</l7:Property>
<l7:Property key="trustedAsSamlIssuer">
<l7:BooleanValue>false</l7:BooleanValue>
</l7:Property>
<l7:Property key="trustedForSigningClientCerts">
<l7:BooleanValue>false</l7:BooleanValue>
</l7:Property>
<l7:Property key="trustedForSigningServerCerts">
<l7:BooleanValue>false</l7:BooleanValue>
</l7:Property>
<l7:Property key="trustedForSsl">
<l7:BooleanValue>true</l7:BooleanValue>
</l7:Property>
<l7:Property key="verifyHostname">
<l7:BooleanValue>false</l7:BooleanValue>
</l7:Property>
</l7:Properties>
</l7:TrustedCertificate>
Query to get the ID for the Trusted Certificate (Note: ID is in bold italic below):
HTTP Method: GET
URL: https://<FQDN or IP of the gateway>:8443/restman/1.0/trustedCertificates?name=supclient
Response sample:
<l7:List xmlns:l7="http://ns.l7tech.com/2010/04/gateway-management">
<l7:Name>TRUSTED_CERT List</l7:Name>
<l7:Type>List</l7:Type>
<l7:TimeStamp>2019-01-16T10:54:22.977-08:00</l7:TimeStamp>
<l7:Link rel="self" uri="https://supdemo-ssg93.ca.com:8443/restman/1.0/trustedCertificates?name=supclient"/>
<l7:Link rel="template" uri="https://supdemo-ssg93.ca.com:8443/restman/1.0/trustedCertificates/template"/>
<l7:Item>
<l7:Name>supclient</l7:Name>
<l7:Id>f5b0ae906adf863041c633666f1921c3</l7:Id>
......
</l7:List>
Update a Trusted Certificate (Replace the Encoded element with the new value between BEGIN and END certificate):
HTTP Method: PUT
URL: https://<FQDN or IP of the gateway>:8443/restman/1.0/trustedCertificates/f5b0ae906adf863041c633666f1921c3
Payload sample:
<l7:TrustedCertificate xmlns:l7="http://ns.l7tech.com/2010/04/gateway-management">
<l7:Name>supclient</l7:Name>
<l7:CertificateData>
<l7:Encoded>
MIIDBzCCAe+gAwIBAgIJAL2M54tPnc81MA0GCSqGSIb3DQEBDAUAMBAxDjAMBgNVBAMTBXN1cGNh
MB4XDTE5MDExNjE3MzIzNVoXDTIxMDExNTE3MzIzNVowFDESMBAGA1UEAxMJc3VwY2xpZW50MIIB
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAplLLKxqSP6GnrNuSR1+3i1vmsfiLME2iKJlx
Kh4qF9sNacDAnemymE3YYxlwUva6DpZZwtAFEwnFBSqPfHtuzA8hJqaCfG6bt5pd8Jix2SCpCMA9
+Uu4MvxXk15l9ys0qDTBNUgLSceRQvFsO2/6aLdcLW3yfvcrTcFSuPOLcSC2aPL/BuFVfSzypV2w
wuRJ4sVsaamEh/y14wRK9etn/EPaGQUIa8NCVcZWMCIyAZCmPoqNtbSC6HTpFyOBJjbpzZ2hfKgl
60pqdwZ1IlulL6Qzko6C/8tVWeWK6yZ7FIVZwfImN7vGc/UQ9zUNccYkv+v8ovFqwHHSBUo1CS1a
6wIDAQABo2AwXjAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIF4DAdBgNVHQ4EFgQUuVHuBm5v
nEl4r3395reFyTBQ45QwHwYDVR0jBBgwFoAUzNmFRB6HC1W7QP14IlFuBkjcCbEwDQYJKoZIhvcN
AQEMBQADggEBAIMGYwNmtthlKVBoNdnJqFI3OCjdkYr7Fjttt7P4LLSsvMwDY4Iz0WYnSeLsqSQy
Vsvs/SpDnujTswx1xutI1HdIfgEnNIGGHFnms+Ojmp/F7M8qqYSxav1e2gqZxmdawdZjaR17tBhc
tyum/0DUDQ5AXcqs1S+HNNJV1c4S3DFz4X/yup02b6kaAsjJDJki8LTPERjA07N4CTU6VhaTSaxZ
LvYpVVNY+irnS9p1nSvGIUj+ofQBp34JCyjQtTCdVI3LU0HUio6T/T4ew3qbtMdbvU6E584AmCaE
LtPiyIYT8ty+xwL9xsGwMpWxn9APB2KocWyiloNmBP6j8c+1S2E=
</l7:Encoded>
</l7:CertificateData>
<l7:Properties>
<l7:Property key="revocationCheckingEnabled">
<l7:BooleanValue>true</l7:BooleanValue>
</l7:Property>
<l7:Property key="trustAnchor">
<l7:BooleanValue>true</l7:BooleanValue>
</l7:Property>
<l7:Property key="trustedAsSamlAttestingEntity">
<l7:BooleanValue>false</l7:BooleanValue>
</l7:Property>
<l7:Property key="trustedAsSamlIssuer">
<l7:BooleanValue>false</l7:BooleanValue>
</l7:Property>
<l7:Property key="trustedForSigningClientCerts">
<l7:BooleanValue>false</l7:BooleanValue>
</l7:Property>
<l7:Property key="trustedForSigningServerCerts">
<l7:BooleanValue>false</l7:BooleanValue>
</l7:Property>
<l7:Property key="trustedForSsl">
<l7:BooleanValue>true</l7:BooleanValue>
</l7:Property>
<l7:Property key="verifyHostname">
<l7:BooleanValue>false</l7:BooleanValue>
</l7:Property>
</l7:Properties>
</l7:TrustedCertificate>
Sincerely,
Stephen Hughes
Broadcom Support