1{ 2 "$id": "http://redfish.dmtf.org/schemas/v1/Certificate.v1_8_2.json", 3 "$ref": "#/definitions/Certificate", 4 "$schema": "http://redfish.dmtf.org/schemas/v1/redfish-schema-v1.json", 5 "copyright": "Copyright 2014-2024 DMTF. For the full DMTF copyright policy, see http://www.dmtf.org/about/policies/copyright", 6 "definitions": { 7 "Actions": { 8 "additionalProperties": false, 9 "description": "The available actions for this resource.", 10 "longDescription": "This type shall contain the available actions for this resource.", 11 "patternProperties": { 12 "^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_]*$": { 13 "description": "This property shall specify a valid odata or Redfish property.", 14 "type": [ 15 "array", 16 "boolean", 17 "integer", 18 "number", 19 "null", 20 "object", 21 "string" 22 ] 23 } 24 }, 25 "properties": { 26 "#Certificate.Rekey": { 27 "$ref": "#/definitions/Rekey" 28 }, 29 "#Certificate.Renew": { 30 "$ref": "#/definitions/Renew" 31 }, 32 "Oem": { 33 "$ref": "#/definitions/OemActions", 34 "description": "The available OEM-specific actions for this resource.", 35 "longDescription": "This property shall contain the available OEM-specific actions for this resource." 36 } 37 }, 38 "type": "object" 39 }, 40 "Certificate": { 41 "additionalProperties": false, 42 "description": "The `Certificate` schema describes a certificate that proves the identity of a component, account, or service.", 43 "longDescription": "This resource shall represent a certificate for a Redfish implementation.", 44 "patternProperties": { 45 "^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_]*$": { 46 "description": "This property shall specify a valid odata or Redfish property.", 47 "type": [ 48 "array", 49 "boolean", 50 "integer", 51 "number", 52 "null", 53 "object", 54 "string" 55 ] 56 } 57 }, 58 "properties": { 59 "@odata.context": { 60 "$ref": "http://redfish.dmtf.org/schemas/v1/odata-v4.json#/definitions/context" 61 }, 62 "@odata.etag": { 63 "$ref": "http://redfish.dmtf.org/schemas/v1/odata-v4.json#/definitions/etag" 64 }, 65 "@odata.id": { 66 "$ref": "http://redfish.dmtf.org/schemas/v1/odata-v4.json#/definitions/id" 67 }, 68 "@odata.type": { 69 "$ref": "http://redfish.dmtf.org/schemas/v1/odata-v4.json#/definitions/type" 70 }, 71 "Actions": { 72 "$ref": "#/definitions/Actions", 73 "description": "The available actions for this resource.", 74 "longDescription": "This property shall contain the available actions for this resource." 75 }, 76 "CertificateString": { 77 "description": "The string for the certificate.", 78 "longDescription": "This property shall contain the certificate, and the format shall follow the requirements specified by the `CertificateType` property value. If the certificate contains any private keys, they shall be removed from the string in responses. If the service does not know the private key for the certificate and is needed to use the certificate, the client shall provide the private key as part of the string in the `POST` request.", 79 "readonly": true, 80 "type": [ 81 "string", 82 "null" 83 ] 84 }, 85 "CertificateType": { 86 "anyOf": [ 87 { 88 "$ref": "http://redfish.dmtf.org/schemas/v1/Certificate.json#/definitions/CertificateType" 89 }, 90 { 91 "type": "null" 92 } 93 ], 94 "description": "The format of the certificate.", 95 "longDescription": "This property shall contain the format type for the certificate.", 96 "readonly": true 97 }, 98 "CertificateUsageTypes": { 99 "description": "The types or purposes for this certificate.", 100 "items": { 101 "anyOf": [ 102 { 103 "$ref": "#/definitions/CertificateUsageType" 104 }, 105 { 106 "type": "null" 107 } 108 ] 109 }, 110 "longDescription": "The value of this property shall contain an array describing the types or purposes for this certificate.", 111 "readonly": true, 112 "type": "array", 113 "versionAdded": "v1_4_0" 114 }, 115 "Description": { 116 "anyOf": [ 117 { 118 "$ref": "http://redfish.dmtf.org/schemas/v1/Resource.json#/definitions/Description" 119 }, 120 { 121 "type": "null" 122 } 123 ], 124 "readonly": true 125 }, 126 "Fingerprint": { 127 "description": "The fingerprint of the certificate.", 128 "longDescription": "The value of this property shall be a string containing the ASCII representation of the fingerprint of the certificate. The hash algorithm used to generate this fingerprint shall be specified by the `FingerprintHashAlgorithm` property.", 129 "pattern": "^([0-9A-Fa-f]{2}:){0,}([0-9A-Fa-f]{2})$", 130 "readonly": true, 131 "type": "string", 132 "versionAdded": "v1_3_0" 133 }, 134 "FingerprintHashAlgorithm": { 135 "description": "The hash algorithm for the fingerprint of the certificate.", 136 "longDescription": "The value of this property shall be a string containing the hash algorithm used for generating the `Fingerprint` property. The value shall be one of the strings in the 'Algorithm Name' field of the 'TPM_ALG_ID Constants' table within the 'Trusted Computing Group Algorithm Registry'.", 137 "readonly": true, 138 "type": "string", 139 "versionAdded": "v1_3_0" 140 }, 141 "Id": { 142 "$ref": "http://redfish.dmtf.org/schemas/v1/Resource.json#/definitions/Id", 143 "readonly": true 144 }, 145 "Issuer": { 146 "$ref": "#/definitions/Identifier", 147 "description": "The issuer of the certificate.", 148 "longDescription": "This property shall contain an object containing information about the issuer of the certificate." 149 }, 150 "KeyUsage": { 151 "description": "The key usage extension, which defines the purpose of the public keys in this certificate.", 152 "items": { 153 "anyOf": [ 154 { 155 "$ref": "http://redfish.dmtf.org/schemas/v1/Certificate.json#/definitions/KeyUsage" 156 }, 157 { 158 "type": "null" 159 } 160 ] 161 }, 162 "longDescription": "This property shall contain the key usage extension, which defines the purpose of the public keys in this certificate.", 163 "readonly": true, 164 "type": "array" 165 }, 166 "Links": { 167 "$ref": "#/definitions/Links", 168 "description": "The links to other resources that are related to this resource.", 169 "longDescription": "This property shall contain links to resources that are related to but are not contained by, or subordinate to, this resource.", 170 "versionAdded": "v1_4_0" 171 }, 172 "Name": { 173 "$ref": "http://redfish.dmtf.org/schemas/v1/Resource.json#/definitions/Name", 174 "readonly": true 175 }, 176 "Oem": { 177 "$ref": "http://redfish.dmtf.org/schemas/v1/Resource.json#/definitions/Oem", 178 "description": "The OEM extension property.", 179 "longDescription": "This property shall contain the OEM extensions. All values for properties that this object contains shall conform to the Redfish Specification-described requirements." 180 }, 181 "SPDM": { 182 "$ref": "#/definitions/SPDM", 183 "description": "SPDM-related information for the certificate.", 184 "longDescription": "The value of this property shall contain SPDM-related information for the certificate. This property shall only be present for SPDM certificates.", 185 "versionAdded": "v1_5_0" 186 }, 187 "SerialNumber": { 188 "description": "The serial number of the certificate.", 189 "longDescription": "The value of this property shall be a string containing the ASCII representation of the serial number of the certificate, as defined by the RFC5280 'serialNumber' field.", 190 "pattern": "^([0-9A-Fa-f]{2}:){0,}([0-9A-Fa-f]{2})$", 191 "readonly": true, 192 "type": "string", 193 "versionAdded": "v1_3_0" 194 }, 195 "SignatureAlgorithm": { 196 "description": "The algorithm used for creating the signature of the certificate.", 197 "longDescription": "The value of this property shall be a string containing the algorithm used for generating the signature of the certificate, as defined by the RFC5280 'signatureAlgorithm' field. The value shall be a string representing the ASN.1 OID of the signature algorithm as defined in, but not limited to, RFC3279, RFC4055, or RFC4491.", 198 "readonly": true, 199 "type": "string", 200 "versionAdded": "v1_3_0" 201 }, 202 "Subject": { 203 "$ref": "#/definitions/Identifier", 204 "description": "The subject of the certificate.", 205 "longDescription": "This property shall contain an object containing information about the subject of the certificate." 206 }, 207 "UefiSignatureOwner": { 208 "description": "The UEFI signature owner for this certificate.", 209 "longDescription": "The value of this property shall contain the GUID of the UEFI signature owner for this certificate as defined by the UEFI Specification. This property shall only be present for certificates managed by UEFI.", 210 "pattern": "^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$", 211 "readonly": true, 212 "type": [ 213 "string", 214 "null" 215 ], 216 "versionAdded": "v1_2_0" 217 }, 218 "ValidNotAfter": { 219 "description": "The date when the certificate is no longer valid.", 220 "format": "date-time", 221 "longDescription": "This property shall contain the date when the certificate validity period ends.", 222 "readonly": true, 223 "type": "string" 224 }, 225 "ValidNotBefore": { 226 "description": "The date when the certificate becomes valid.", 227 "format": "date-time", 228 "longDescription": "This property shall contain the date when the certificate validity period begins.", 229 "readonly": true, 230 "type": "string" 231 } 232 }, 233 "required": [ 234 "@odata.id", 235 "@odata.type", 236 "Id", 237 "Name" 238 ], 239 "requiredOnCreate": [ 240 "CertificateString", 241 "CertificateType" 242 ], 243 "type": "object" 244 }, 245 "CertificateUsageType": { 246 "enum": [ 247 "User", 248 "Web", 249 "SSH", 250 "Device", 251 "Platform", 252 "BIOS", 253 "IDevID", 254 "LDevID", 255 "IAK", 256 "LAK" 257 ], 258 "enumDescriptions": { 259 "BIOS": "This certificate is a BIOS certificate like those associated with UEFI.", 260 "Device": "This certificate is a device type certificate like those associated with SPDM and other standards.", 261 "IAK": "This certificate is an IAK certificate like those associated with TCG TPMs.", 262 "IDevID": "This certificate is an IDevID certificate like those associated with TCG TPMs.", 263 "LAK": "This certificate is an LAK certificate like those associated with TCG TPMs.", 264 "LDevID": "This certificate is an LDevID certificate like those associated with TCG TPMs.", 265 "Platform": "This certificate is a platform type certificate like those associated with SPDM and other standards.", 266 "SSH": "This certificate is used for SSH.", 267 "User": "This certificate is a user certificate like those associated with a manager account.", 268 "Web": "This certificate is a web or HTTPS certificate like those used for event destinations." 269 }, 270 "enumVersionAdded": { 271 "IAK": "v1_8_0", 272 "IDevID": "v1_8_0", 273 "LAK": "v1_8_0", 274 "LDevID": "v1_8_0" 275 }, 276 "type": "string" 277 }, 278 "Identifier": { 279 "additionalProperties": false, 280 "description": "The identifier information about a certificate.", 281 "longDescription": "This type shall contain the properties that identifies the issuer or subject of a certificate.", 282 "patternProperties": { 283 "^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_]*$": { 284 "description": "This property shall specify a valid odata or Redfish property.", 285 "type": [ 286 "array", 287 "boolean", 288 "integer", 289 "number", 290 "null", 291 "object", 292 "string" 293 ] 294 } 295 }, 296 "properties": { 297 "AdditionalCommonNames": { 298 "description": "Additional common names of the entity.", 299 "items": { 300 "type": [ 301 "string", 302 "null" 303 ] 304 }, 305 "longDescription": "The value of this property shall contain an array of additional common names for the entity, as defined by the RFC5280 'commonName' attribute, in array order as they appear in the certificate. This property shall not be present if only one common name is found. The first common name shall not appear in this property.", 306 "readonly": true, 307 "type": "array", 308 "versionAdded": "v1_6_0" 309 }, 310 "AdditionalOrganizationalUnits": { 311 "description": "Additional organizational units of the entity.", 312 "items": { 313 "type": [ 314 "string", 315 "null" 316 ] 317 }, 318 "longDescription": "The value of this property shall contain an array of additional organizational units for the entity, as defined by the RFC5280 'organizationalUnitName' attribute, in array order as they appear in the certificate. This property shall not be present if only one organizational unit is found. The first organizational unit shall not appear in this property.", 319 "readonly": true, 320 "type": "array", 321 "versionAdded": "v1_6_0" 322 }, 323 "AlternativeNames": { 324 "description": "The additional host names of the entity.", 325 "items": { 326 "type": [ 327 "string", 328 "null" 329 ] 330 }, 331 "longDescription": "This property shall contain the additional host names of the entity, as defined by the RFC5280 'subjectAltName' attribute. This property shall not be present in the `Issuer` property.", 332 "readonly": true, 333 "type": "array", 334 "versionAdded": "v1_7_0" 335 }, 336 "City": { 337 "description": "The city or locality of the organization of the entity.", 338 "longDescription": "This property shall contain the city or locality of the organization of the entity, as defined by the RFC5280 'localityName' attribute.", 339 "readonly": true, 340 "type": "string" 341 }, 342 "CommonName": { 343 "description": "The common name of the entity.", 344 "longDescription": "This property shall contain the common name of the entity, as defined by the RFC5280 'commonName' attribute.", 345 "readonly": true, 346 "type": "string" 347 }, 348 "Country": { 349 "description": "The country of the organization of the entity.", 350 "longDescription": "This property shall contain the two-letter ISO code for the country of the organization of the entity, as defined by the RFC5280 'countryName' attribute.", 351 "readonly": true, 352 "type": "string" 353 }, 354 "DisplayString": { 355 "description": "A human-readable string for this identifier.", 356 "longDescription": "The value of this property shall contain a display string that represents the entire identifier. The string should be formatted using industry conventions, such as the single-line human-readable string described by RFC2253 and preserving the field order as shown in the certificate.", 357 "readonly": true, 358 "type": [ 359 "string", 360 "null" 361 ], 362 "versionAdded": "v1_6_0" 363 }, 364 "DomainComponents": { 365 "description": "The domain components of the entity.", 366 "items": { 367 "type": [ 368 "string", 369 "null" 370 ] 371 }, 372 "longDescription": "The value of this property shall contain an array of domain component fields for the entity, as defined by the RFC4519 'domainComponent' attribute, in array order as they appear in the certificate.", 373 "readonly": true, 374 "type": "array", 375 "versionAdded": "v1_6_0" 376 }, 377 "Email": { 378 "description": "The email address of the contact within the organization of the entity.", 379 "longDescription": "This property shall contain the email address of the contact within the organization of the entity, as defined by the RFC2985 'emailAddress' attribute.", 380 "readonly": true, 381 "type": [ 382 "string", 383 "null" 384 ] 385 }, 386 "Organization": { 387 "description": "The name of the organization of the entity.", 388 "longDescription": "This property shall contain the name of the organization of the entity, as defined by the RFC5280 'organizationName' attribute.", 389 "readonly": true, 390 "type": "string" 391 }, 392 "OrganizationalUnit": { 393 "description": "The name of the unit or division of the organization of the entity.", 394 "longDescription": "This property shall contain the name of the unit or division of the organization of the entity, as defined by the RFC5280 'organizationalUnitName' attribute.", 395 "readonly": true, 396 "type": "string" 397 }, 398 "State": { 399 "description": "The state, province, or region of the organization of the entity.", 400 "longDescription": "This property shall contain the state, province, or region of the organization of the entity, as defined by the RFC5280 'stateOrProvinceName' attribute.", 401 "readonly": true, 402 "type": "string" 403 } 404 }, 405 "type": "object" 406 }, 407 "Links": { 408 "additionalProperties": false, 409 "description": "The links to other resources that are related to this resource.", 410 "longDescription": "This Redfish Specification-described type shall contain links to resources that are related to but are not contained by, or subordinate to, this resource.", 411 "patternProperties": { 412 "^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_]*$": { 413 "description": "This property shall specify a valid odata or Redfish property.", 414 "type": [ 415 "array", 416 "boolean", 417 "integer", 418 "number", 419 "null", 420 "object", 421 "string" 422 ] 423 } 424 }, 425 "properties": { 426 "Issuer": { 427 "anyOf": [ 428 { 429 "$ref": "http://redfish.dmtf.org/schemas/v1/Certificate.json#/definitions/Certificate" 430 }, 431 { 432 "type": "null" 433 } 434 ], 435 "description": "A link to the certificate of the CA that issued this certificate.", 436 "longDescription": "This property shall contain a link to a resources of type `Certificate` that represents the certificate of the CA that issued this certificate.", 437 "readonly": false, 438 "versionAdded": "v1_4_0" 439 }, 440 "Oem": { 441 "$ref": "http://redfish.dmtf.org/schemas/v1/Resource.json#/definitions/Oem", 442 "description": "The OEM extension property.", 443 "longDescription": "This property shall contain the OEM extensions. All values for properties contained in this object shall conform to the Redfish Specification-described requirements." 444 }, 445 "Subjects": { 446 "description": "An array of links to certificates that were issued by the CA that is represented by this certificate.", 447 "items": { 448 "$ref": "http://redfish.dmtf.org/schemas/v1/Certificate.json#/definitions/Certificate" 449 }, 450 "longDescription": "This property shall contain an array of links to resources of type `Certificate` that were issued by the CA that is represented by this certificate.", 451 "readonly": false, 452 "type": "array", 453 "versionAdded": "v1_4_0" 454 }, 455 "Subjects@odata.count": { 456 "$ref": "http://redfish.dmtf.org/schemas/v1/odata-v4.json#/definitions/count" 457 } 458 }, 459 "type": "object" 460 }, 461 "OemActions": { 462 "additionalProperties": true, 463 "description": "The available OEM-specific actions for this resource.", 464 "longDescription": "This type shall contain the available OEM-specific actions for this resource.", 465 "patternProperties": { 466 "^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_]*$": { 467 "description": "This property shall specify a valid odata or Redfish property.", 468 "type": [ 469 "array", 470 "boolean", 471 "integer", 472 "number", 473 "null", 474 "object", 475 "string" 476 ] 477 } 478 }, 479 "properties": {}, 480 "type": "object" 481 }, 482 "Rekey": { 483 "actionResponse": { 484 "$ref": "#/definitions/RekeyResponse" 485 }, 486 "additionalProperties": false, 487 "description": "This action generates a new key-pair for a certificate and produces a certificate signing request.", 488 "longDescription": "This action shall use the certificate data to generate a new key-pair for a certificate. The response shall contain a signing request that a certificate authority (CA) will sign. The service should retain the private key that generated this request for installation of the certificate. The private key should not be part of the response. The private key should not be part of the response.", 489 "parameters": { 490 "ChallengePassword": { 491 "description": "The challenge password to apply to the certificate for revocation requests.", 492 "longDescription": "This property shall contain the challenge password to apply to the certificate for revocation requests as defined by the RFC2985 'challengePassword' attribute.", 493 "type": "string" 494 }, 495 "KeyBitLength": { 496 "description": "The length of the key, in bits, if needed based on the `KeyPairAlgorithm` parameter value.", 497 "longDescription": "This parameter shall contain the length of the key, in bits, if needed based on the `KeyPairAlgorithm` parameter value.", 498 "type": "integer" 499 }, 500 "KeyCurveId": { 501 "description": "The curve ID to use with the key, if needed based on the `KeyPairAlgorithm` parameter value.", 502 "longDescription": "This parameter shall contain the curve ID to use with the key, if needed based on the `KeyPairAlgorithm` parameter value. The allowable values for this parameter shall be the strings in the 'Name' field of the 'TPM_ECC_CURVE Constants' table within the 'Trusted Computing Group Algorithm Registry'.", 503 "type": "string" 504 }, 505 "KeyPairAlgorithm": { 506 "description": "The type of key-pair for use with signing algorithms.", 507 "longDescription": "This parameter shall contain the type of key-pair for use with signing algorithms. The allowable values for this parameter shall be the strings in the 'Algorithm Name' field of the 'TPM_ALG_ID Constants' table within the 'Trusted Computing Group Algorithm Registry'.", 508 "type": "string" 509 } 510 }, 511 "patternProperties": { 512 "^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_]*$": { 513 "description": "This property shall specify a valid odata or Redfish property.", 514 "type": [ 515 "array", 516 "boolean", 517 "integer", 518 "number", 519 "null", 520 "object", 521 "string" 522 ] 523 } 524 }, 525 "properties": { 526 "target": { 527 "description": "Link to invoke action", 528 "format": "uri-reference", 529 "type": "string" 530 }, 531 "title": { 532 "description": "Friendly action name", 533 "type": "string" 534 } 535 }, 536 "type": "object", 537 "versionAdded": "v1_1_0" 538 }, 539 "RekeyResponse": { 540 "additionalProperties": false, 541 "description": "The response body for the `Rekey` action.", 542 "longDescription": "This type shall contain the properties found in the response body for the `Rekey` action.", 543 "patternProperties": { 544 "^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_]*$": { 545 "description": "This property shall specify a valid odata or Redfish property.", 546 "type": [ 547 "array", 548 "boolean", 549 "integer", 550 "number", 551 "null", 552 "object", 553 "string" 554 ] 555 } 556 }, 557 "properties": { 558 "CSRString": { 559 "description": "The string for the certificate signing request.", 560 "longDescription": "This property shall contain the certificate signing request as a PEM-encoded string, containing structures specified by RFC2986. The private key should not be part of the string.", 561 "readonly": true, 562 "type": "string", 563 "versionAdded": "v1_1_0" 564 }, 565 "Certificate": { 566 "$ref": "http://redfish.dmtf.org/schemas/v1/Certificate.json#/definitions/Certificate", 567 "description": "The link to the certificate being rekeyed.", 568 "longDescription": "This property shall contain a link to a resource of type `Certificate` that is replaced after the certificate authority (CA) signs the certificate.", 569 "readonly": true, 570 "versionAdded": "v1_1_0" 571 } 572 }, 573 "required": [ 574 "Certificate", 575 "CSRString" 576 ], 577 "type": "object" 578 }, 579 "Renew": { 580 "actionResponse": { 581 "$ref": "#/definitions/RenewResponse" 582 }, 583 "additionalProperties": false, 584 "description": "This action generates a certificate signing request by using the existing information and key-pair of the certificate.", 585 "longDescription": "This action shall generate a certificate signing request using the existing information and key-pair of the certificate. The response shall contain a signing request that a certificate authority (CA) will sign. The service should retain the private key that this request generates for when the certificate is installed. The private key should not be part of the response.", 586 "parameters": { 587 "ChallengePassword": { 588 "description": "The challenge password to apply to the certificate for revocation requests.", 589 "longDescription": "This property shall contain the challenge password to apply to the certificate for revocation requests as defined by the RFC2985 'challengePassword' attribute.", 590 "type": "string" 591 } 592 }, 593 "patternProperties": { 594 "^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_]*$": { 595 "description": "This property shall specify a valid odata or Redfish property.", 596 "type": [ 597 "array", 598 "boolean", 599 "integer", 600 "number", 601 "null", 602 "object", 603 "string" 604 ] 605 } 606 }, 607 "properties": { 608 "target": { 609 "description": "Link to invoke action", 610 "format": "uri-reference", 611 "type": "string" 612 }, 613 "title": { 614 "description": "Friendly action name", 615 "type": "string" 616 } 617 }, 618 "type": "object", 619 "versionAdded": "v1_1_0" 620 }, 621 "RenewResponse": { 622 "additionalProperties": false, 623 "description": "The response body for the `Renew` action.", 624 "longDescription": "This type shall contain the properties found in the response body for the `Renew` action.", 625 "patternProperties": { 626 "^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_]*$": { 627 "description": "This property shall specify a valid odata or Redfish property.", 628 "type": [ 629 "array", 630 "boolean", 631 "integer", 632 "number", 633 "null", 634 "object", 635 "string" 636 ] 637 } 638 }, 639 "properties": { 640 "CSRString": { 641 "description": "The string for the certificate signing request.", 642 "longDescription": "This property shall contain the certificate signing request as a PEM-encoded string, containing structures specified by RFC2986. The private key should not be part of the string.", 643 "readonly": true, 644 "type": "string", 645 "versionAdded": "v1_1_0" 646 }, 647 "Certificate": { 648 "$ref": "http://redfish.dmtf.org/schemas/v1/Certificate.json#/definitions/Certificate", 649 "description": "The link to the certificate being renewed.", 650 "longDescription": "This property shall contain a link to a resource of type `Certificate` that is replaced after the certificate authority (CA) signs the certificate.", 651 "readonly": true, 652 "versionAdded": "v1_1_0" 653 } 654 }, 655 "required": [ 656 "Certificate", 657 "CSRString" 658 ], 659 "type": "object" 660 }, 661 "SPDM": { 662 "additionalProperties": false, 663 "description": "SPDM-related information for a certificate.", 664 "longDescription": "This type shall contain SPDM-related information for a certificate.", 665 "patternProperties": { 666 "^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_]*$": { 667 "description": "This property shall specify a valid odata or Redfish property.", 668 "type": [ 669 "array", 670 "boolean", 671 "integer", 672 "number", 673 "null", 674 "object", 675 "string" 676 ] 677 } 678 }, 679 "properties": { 680 "SlotId": { 681 "description": "Slot identifier of the certificate.", 682 "longDescription": "The value of this property shall contain an integer between 0 and 7, inclusive, that represents the slot identifier for an SPDM-provided certificate.", 683 "readonly": true, 684 "type": [ 685 "integer", 686 "null" 687 ], 688 "versionAdded": "v1_5_0" 689 } 690 }, 691 "type": "object" 692 } 693 }, 694 "language": "en", 695 "owningEntity": "DMTF", 696 "release": "2023.2", 697 "title": "#Certificate.v1_8_2.Certificate" 698}