Retrieve expiry information about SSL certificates in a Citrix ADC VPX Appliance
A typical deployment of a Citrix ADC appliance contains multiple load balancing configurations that process SSL transactions. SSL certificates bound to these configurations can expire at different times. You can retrieve the expiry information about SSL certificates in a Citrix ADC VPX Appliance. The expiry information helps you in renewing the SSL certificates on time.
Before you begin
Before youretrieve expiry information about SSL certificates in a Citrix ADC VPX Appliance, make sure that:
-
You have deployed a Citrix ADC VPX appliance and the appliance is UP and running in your setup. For more information, see Deploy a Citrix ADC VPX instance.
-
You have a basic understanding of SSL certificates in a Citrix ADC appliance. For more information, see: SSL certificates.
Steps to retrieve expiry information about SSL certificates in a Citrix ADC VPX Appliance
You use the sslcertkey NITRO API object to retrieve expiry information about the SSL certificates in a Citrix ADC appliance.
The Citrix ADC appliance responds with the following expiry information along with other details about SSL certificates in the appliance:
-
daystoexpiration
. This attribute represents thedays remaining for a SSL certificate to expire.
For more information about the sslcertkey object and its properties, see Citrix NITRO API reference for sslcertkey.
Request components
Request field | Value |
---|---|
HTTP Method | GET |
URL |
http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/sslcertkey or http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/sslcertkey?attrs=certkey,cert,key,daystoexpiration
|
Request Headers | Content-Type: application/json |
Curl request
Use the following curl command syntax to retrieve detailed information about SSL certificates in a Citrix ADC appliance:
curl -X GET -H "Content-Type: application/json" -u <username>:<examplepassword> http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/sslcertkey
Use the following curl command syntax to retrieve only the expiry information about SSL certificates in a Citrix ADC appliance:
curl -X GET -H "Content-Type: application/json" -u nsroot:examplepassword http://<Citrix-ADC-IP-address(NSIP)>/nitro/v1/config/sslcertkey?attrs=certkey,cert,key,daystoexpiration
Example
Example description | Curl request | Response payload |
---|---|---|
Retrieve only the expiry information about SSL certificates in a Citrix ADC appliance, which has Citrix ADC IP address (NSIP) of 192.0.0.33. | curl -X GET -H "Content-Type: application/json" -u nsroot:examplepassword http://192.0.0.33/nitro/v1/config/sslcertkey?attrs=certkey,cert,key,daystoexpiration |
{ “errorcode”: 0, “message”: “Done”, “severity”: “NONE”, “sslcertkey”: [ { “certkey”: “ns-server-certificate”, “cert”: “ns-server.cert”, “key”: “ns-server.key”, “daystoexpiration”: 5509 }, { “certkey”: “serverrsa_2048”, “cert”: “complete/server/server_rsa_2048.pem”, “key”: “complete/server/server_rsa_2048.ky”, “daystoexpiration”: 5652 } ] } |