API to upload a custom certificate for HTTPS

How do I call the API to upload a custom certificate for HTTPS?

First ensure you have the public certificate and its chain of signing certificates up to, but not including, the root certificate. This should be in a Base64-encoded-DER format file, also known as PEM, and for the purposes of the following example, named public_certificates.pem. You can verify the file is in the expected format as it will begin with ----- BEGIN CERTIFICATE ----- on the first line.

Next ensure you have the certificate private key, also in PEM format, and named private_key.pem for this example. A private key file will begin ----- BEGIN RSA PRIVATE KEY ----- if in the correct format.

These two files, in this format, are the same as you would use if uploading a custom certificate via the Aperture portal web interface.

The rest of this example uses the jq and curl tools, available for all popular operating systems.

Use jq to escape the PEM files as JSON strings:

jq -sR . public_certificates.pem >public_certificates.json
jq -sR . private_key.pem >private_key.json

Then use jq and curl to send the certificate details to the section.io API:

jq -s '{public_certificates:.[0], private_key:.[1]}' public_certificates.json private_key.json |
  curl -d@- https://aperture.section.io/api/v1/account/1/domain/bootcamp.section.io/https -H'Content-Type: application/json' -u guest@example.com

In the above curl statement replace account 1 with your own account number, replace the bootcamp.section.io with the domain for which you wish to assign this custom certificate, and replace guest@example.com with your own section.io username. Curl will prompt you for your section.io password when you execute the command.

You can find more details of this API call and others at https://aperture.section.io/api/ui/