ResourceDefinition
uris
/redfish/v1/Systems/system_id/Bios/Oem/Public/BootCertificates
properties
BIOS证书资源字段说明表
| 名称 | 类型 | 是否只读 | 取值范围/枚举值 | 说明 |
|---|---|---|---|---|
| @odata.context | string | true | - | Bios证书资源OData描述 |
| @odata_id | string | true | - | Bios证书资源的访问路径 |
| Id | string | true | - | Bios证书资源的ID |
| Name | string | true | - | BIOS证书资源的名称 |
| Certificates | object | true | - | Bios已生效的所有证书 |
| SecureBoot | object | true | - | 用于SecureBoot的证书 |
| db | array | true | - | SecureBoot的证书类型 |
| dbx | array | true | - | SecureBoot的证书类型 |
| Boot | object | true | - | 用于Httpsboot的证书 |
| cert | array | true | - | HttpsBoot的证书 |
| crl | array | true | - | HttpsBoot的吊销列表 |
| CertificateString | string | false | - | Bios证书字符串内容 |
| CertificateType | string | false | - | 证书类型 |
| Issuer | object | true | - | 证书颁发者信息 |
| Subject | object | true | - | 证书使用者信息 |
| Country | string | true | - | 国家 |
| State | string | true | - | 省、州 |
| City | string | true | - | 城市 |
| Organization | string | true | - | 组织 |
| OrganizationUnit | string | true | - | 组织单位 |
| CommonName | string | true | - | 通用名称 |
| string | true | - | 邮箱 | |
| ValidNotBefore | string | true | - | 有效开始日期 |
| ValidNotAfter | string | true | - | 有效截止日期 |
| KeyUsage | array | true | - | 密钥用法 |
| SerialNumber | string | true | - | 序列号 |
| Fingerprint | string | true | - | 指纹信息 |
| FingerprintHashAlgorithm | string | true | - | 指纹哈希算法 |
| SignatureAlgorithm | string | true | - | 签名算法 |
| UefiSignatureOwner | string | true | - | UEFI签名属主 |
| Actions | object | true | - | Redfish允许的指定Bios证书相关可执行操作 |
| #BootCertificates.ImportSecureBootCert | object | true | - | 导入SecureBoot证书操作 |
| #BootCertificates.ResetSecureBootCert | object | true | - | 清除SecureBoot证书操作 |
| #BootCertificates.ImportBootCert | object | true | - | 导入httpsBoot证书操作 |
| #BootCertificates.ImportBootCrl | object | true | - | 导入HttpsBoot吊销列表操作 |
| #BootCertificates.ResetBootCert | object | true | - | 清除HttpsBoot证书操作 |
| #BootCertificates.ResetBootCrl | object | true | - | 清除HttpsBoot吊销列表操作 |
| target | string | true | - | Bios证书操作的访问路径 |
| @Redfish.ActionInfo | string | true | - | 操作信息查询路径 |
supported_methods
- GET
- POST
HTTP methods
GET
命令功能
查询 Bios 证书信息
说明
系统启动过程中无法查询证书信息。
命令格式
URL: https://device_ip/redfish/v1/Systems/system_id/Bios/Oem/Public/BootCertificates
请求头:
X-Auth-Token: 123456789***********************请求消息体: 无
参数说明
| 参数 | 参数说明 | 取值 |
|---|---|---|
| device_ip | 登录设备的IP地址 | IPv4或IPv6地址 |
| system_id | 系统资源的ID | 参见源文件参数说明 |
| auth_value | 请求消息的鉴权参数 | 可通过/redfish/v1/SessionService/Sessions创建会话时获得 |
使用指南
系统重新启动时生效。 支持的BMC版本:BMC300 5.01.00.01及之后的版本。
使用实例
请求样例:
GET https://device_ip/redfish/v1/Systems/system_id/Bios/Oem/Public/BootCertificatesX-Auth-Token: 123456789***********************
请求消息体:无
响应样例:
{
"@odata.context": "/redfish/v1/$metadata#BootCertificates.BootCertificates",
"@odata.id": "/redfish/v1/Systems/1/Bios/Oem/Public/BootCertificates",
"@odata.type": "#BootCertificates.v1_0_0.BootCertificates",
"Id": "BootCertificates",
"Name": "Bios Boot Certificates",
"Certificates": {
"SecureBoot": {
"db": [
{
"CertificateString": "-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----\n",
"CertificateType": "PEM",
"Issuer": {
"Country": "CHN",
"State": "Guangdong",
"City": "Dongguan",
"Organization": "",
"OrganizationUnit": "",
"CommonName": "",
"Email": ""
},
"Subject": {
"Country": "CHN",
"State": "Guangdong",
"City": "Shenzhen",
"Organization": "",
"OrganizationUnit": "",
"CommonName": "",
"Email": ""
},
"ValidNotBefore": "Sep 26 2016 UTC",
"ValidNotAfter": "Sep 24 2026 UTC",
"KeyUsage": [
"DigitalSignature",
"NonRepudiation"
],
"SerialNumber": "e0 eb 8b bb f4 74 35 05",
"Fingerprint": "20ec3964c75cebb27b4a8ccb79c16fe43e09cc0ebe3918adebb83f175a5315ca",
"SignatureAlgorithm": "sha256WithRSAEncryption",
"FingerprintHashAlgorithm": "",
"UefiSignatureOwner": "77ff9abd-0359-4d32-bd60-28f5e78f784b"
}
],
"dbx": []
},
"Boot": {
"HttpsCert": [],
"HttpsCrl": []
}
},
"Actions": {
"#BootCertificates.ImportBootCert": {
"target": "/redfish/v1/Systems/1/Bios/Oem/Public/BootCertificates/Actions/BootCertificates.ImportBootCert",
"@Redfish.ActionInfo": "/redfish/v1/Systems/1/Bios/Oem/Public/BootCertificates/ImportBootCertActionInfo"
},
"#BootCertificates.ImportBootCrl": {
"target": "/redfish/v1/Systems/1/Bios/Oem/Public/BootCertificates/Actions/BootCertificates.ImportBootCrl",
"@Redfish.ActionInfo": "/redfish/v1/Systems/1/Bios/Oem/Public/BootCertificates/ImportBootCrlActionInfo"
},
"#BootCertificates.ResetBootCert": {
"target": "/redfish/v1/Systems/1/Bios/Oem/Public/BootCertificates/Actions/BootCertificates.ResetBootCert",
"@Redfish.ActionInfo": "/redfish/v1/Systems/1/Bios/Oem/Public/BootCertificates/ResetBootCertActionInfo"
},
"#BootCertificates.ResetBootCrl": {
"target": "/redfish/v1/Systems/1/Bios/Oem/Public/BootCertificates/Actions/BootCertificates.ResetBootCrl",
"@Redfish.ActionInfo": "/redfish/v1/Systems/1/Bios/Oem/Public/BootCertificates/ResetBootCrlActionInfo"
},
"#BootCertificates.ImportSecureBootCert": {
"target": "/redfish/v1/Systems/1/Bios/Oem/Public/BootCertificates/Actions/BootCertificates.ImportSecureBootCert",
"@Redfish.ActionInfo": "/redfish/v1/Systems/1/Bios/Oem/Public/BootCertificates/ImportSecureBootCertActionInfo"
},
"#BootCertificates.ResetSecureBootCert": {
"target": "/redfish/v1/Systems/1/Bios/Oem/Public/BootCertificates/Actions/BootCertificates.ResetSecureBootCert",
"@Redfish.ActionInfo": "/redfish/v1/Systems/1/Bios/Oem/Public/BootCertificates/ResetSecureBootCertActionInfo"
}
}
}响应码:200
POST (ACTION)
ImportSecureBootCert
命令功能
导入安全启动证书
说明
导入的BIOS安全启动证书表示已下发的配置,但当前还未生效,下次系统重启时 生效;系统启动过程中无法导入证书。
命令格式
URL: https://device_ip/redfish/v1/Systems/system_id/Bios/Oem/Public/BootCertificates/Actions/BootCertificates.ImportSecureBootCert
请求头:
X-Auth-Token: 123456789***********************
Content-Type: header_type请求消息体:
{
"Database": "database",
"CertificateString": "certificate_string",
"CertificateType": "certificate_type"
}请求头参数说明
参见 请求头参数说明
请求体参数说明
无
使用指南
系统重新启动时生效。 支持的BMC版本:BMC300 5.01.00.01及之后的版本。
使用实例
请求样例:
POST https://device_ip/redfish/v1/Systems/system_id/Bios/Oem/Public/BootCertificates/Actions/BootCertificates.ImportSecureBootCertX-Auth-Token: 123456789*********************** Content-Type: header_type
请求消息体:
{
"Database": "database",
"CertificateString": "certificate_string",
"CertificateType": "certificate_type"
}响应样例:
{
"error": {
"code": "Base.1.0.GeneralError",
"message": "A general error has occurred. See ExtendedInfo for more information.",
"@Message.ExtendedInfo": [
{
"@odata.type": "#Message.v1_0_0.Message",
"MessageId": "Base.1.0.Success",
"RelatedProperties": [],
"Message": "Successfully Completed Request",
"MessageArgs": [],
"Severity": "OK",
"Resolution": "None"
}
]
}
}响应码:200
POST (ACTION)
ResetSecureBootCert
命令功能
重置安全启动证书
说明
重置BIOS安全启动证书表示已下发的配置,但当前还未生效,下次系统重启时生 效;系统启动过程中无法重置证书。
命令格式
URL: https://device_ip/redfish/v1/Systems/system_id/Bios/Oem/Public/BootCertificates/Actions/BootCertificates.ResetSecureBootCert
请求头:
X-Auth-Token: 123456789***********************
Content-Type: header_type请求消息体:
{
"Database": "database",
"ResetKeysType": "resetkeys_type"
}请求头参数说明
参见 请求头参数说明
请求体参数说明
无
使用指南
系统重新启动时生效。 支持的BMC版本:BMC300 5.01.00.01及之后的版本。
使用实例
请求样例:
POST https://device_ip/redfish/v1/Systems/system_id/Bios/Oem/Public/BootCertificates/Actions/BootCertificates.ResetSecureBootCertX-Auth-Token: 123456789*********************** Content-Type: header_type
请求消息体:
{
"Database": "database",
"ResetKeysType": "resetkeys_type"
}响应样例:
{
"error": {
"code": "Base.1.0.GeneralError",
"message": "A general error has occurred. See ExtendedInfo for more information.",
"@Message.ExtendedInfo": [
{
"@odata.type": "#Message.v1_0_0.Message",
"MessageId": "Base.1.0.Success",
"RelatedProperties": [],
"Message": "Successfully Completed Request",
"MessageArgs": [],
"Severity": "OK",
"Resolution": "None"
}
]
}
}响应码:200
POST (ACTION)
ImportBootCert
命令功能
导入 HTTPS 启动证书
说明
导入的BIOS HTTPS启动证书表示已下发的配置,但当前还未生效,下次系统重启 时生效;系统启动过程中无法导入证书。
命令格式
URL: https://device_ip/redfish/v1/Systems/system_id/Bios/Oem/Public/BootCertificates/Actions/BootCertificates.ImportBootCert
请求头:
X-Auth-Token: 123456789***********************
Content-Type: header_type请求消息体:
{
"CertificateString": "certificate_string",
"CertificateType": "certificate_type"
}请求头参数说明
参见 请求头参数说明
请求体参数说明
无
使用指南
系统重新启动时生效。 支持的BMC版本:BMC300 5.01.00.01及之后的版本。
使用实例
请求样例:
POST https://device_ip/redfish/v1/Systems/system_id/Bios/Oem/Public/BootCertificates/Actions/BootCertificates.ImportBootCertX-Auth-Token: 123456789*********************** Content-Type: header_type
请求消息体:
{
"CertificateString": "certificate_string",
"CertificateType": "certificate_type"
}响应样例:
{
"error": {
"code": "Base.1.0.GeneralError",
"message": "A general error has occurred. See ExtendedInfo for more information.",
"@Message.ExtendedInfo": [
{
"@odata.type": "#Message.v1_0_0.Message",
"MessageId": "Base.1.0.Success",
"RelatedProperties": [],
"Message": "Successfully Completed Request",
"MessageArgs": [],
"Severity": "OK",
"Resolution": "None"
}
]
}
}响应码:200
POST (ACTION)
ResetBootCert
命令功能
重置 HTTPS 启动证书
说明
重置BIOS HTTPS启动证书表示已下发的配置,但当前还未生效,下次系统重启时 生效;系统启动过程中无法重置证书。
命令格式
URL: https://device_ip/redfish/v1/Systems/system_id/Bios/Oem/Public/BootCertificates/Actions/BootCertificates.ResetBootCert
请求头:
X-Auth-Token: 123456789***********************
Content-Type: header_type请求消息体:
{
"ResetKeysType": "resetkeys_type"
}请求头参数说明
参见 请求头参数说明
请求体参数说明
无
使用指南
系统重新启动时生效。 支持的BMC版本:BMC300 5.01.00.01及之后的版本。
使用实例
请求样例:
POST https://device_ip/redfish/v1/Systems/system_id/Bios/Oem/Public/BootCertificates/Actions/BootCertificates.ResetBootCertX-Auth-Token: 123456789*********************** Content-Type: header_type
请求消息体:
{
"ResetKeysType": "resetkeys_type"
}响应样例:
{
"error": {
"code": "Base.1.0.GeneralError",
"message": "A general error has occurred. See ExtendedInfo for more information.",
"@Message.ExtendedInfo": [
{
"@odata.type": "#Message.v1_0_0.Message",
"MessageId": "Base.1.0.Success",
"RelatedProperties": [],
"Message": "Successfully Completed Request",
"MessageArgs": [],
"Severity": "OK",
"Resolution": "None"
}
]
}
}响应码:200
POST (ACTION)
ImportBootCrl
命令功能
导入 HTTPS 启动证书吊销列表
说明
导入的BIOS HTTPS启动证书吊销列表表示已下发的配置,但当前还未生效,下次 系统重启时生效;系统启动过程中无法导入吊销列表。
命令格式
URL: https://device_ip/redfish/v1/Systems/system_id/Bios/Oem/Public/BootCertificates/Actions/BootCertificates.ImportBootCrl
请求头:
X-Auth-Token: 123456789***********************
Content-Type: header_type请求消息体:
{
"CertificateString": "certificate_string",
"CertificateType": "certificate_type"
}请求头参数说明
参见 请求头参数说明
请求体参数说明
无
使用指南
系统重新启动时生效。 支持的BMC版本:BMC300 5.01.00.01及之后的版本。
使用实例
请求样例:
POST https://device_ip/redfish/v1/Systems/system_id/Bios/Oem/Public/BootCertificates/Actions/BootCertificates.ImportBootCrlX-Auth-Token: 123456789*********************** Content-Type: header_type
请求消息体:
{
"CertificateString": "certificate_string",
"CertificateType": "certificate_type"
}响应样例:
{
"error": {
"code": "Base.1.0.GeneralError",
"message": "A general error has occurred. See ExtendedInfo for more information.",
"@Message.ExtendedInfo": [
{
"@odata.type": "#Message.v1_0_0.Message",
"MessageId": "Base.1.0.Success",
"RelatedProperties": [],
"Message": "Successfully Completed Request",
"MessageArgs": [],
"Severity": "OK",
"Resolution": "None"
}
]
}
}响应码:200
POST (ACTION)
ResetBootCrl
命令功能
重置 HTTPS 启动证书吊销列表
说明
重置BIOS HTTPS启动证书吊销列表表示已下发的配置,但当前还未生效,下次系 统重启时生效;系统启动过程中无法重置证书吊销列表。
命令格式
URL: https://device_ip/redfish/v1/Systems/system_id/Bios/Oem/Public/BootCertificates/Actions/BootCertificates.ResetBootCrl
请求头:
X-Auth-Token: 123456789***********************
Content-Type: header_type请求消息体:
{
"ResetKeysType": "resetkeys_type"
}请求头参数说明
参见 请求头参数说明
请求体参数说明
无
使用指南
系统重新启动时生效。 支持的BMC版本:BMC300 5.01.00.01及之后的版本。
使用实例
请求样例:
POST https://device_ip/redfish/v1/Systems/system_id/Bios/Oem/Public/BootCertificates/Actions/BootCertificates.ResetBootCrlX-Auth-Token: 123456789*********************** Content-Type: header_type
请求消息体:
{
"ResetKeysType": "resetkeys_type"
}响应样例:
{
"error": {
"code": "Base.1.0.GeneralError",
"message": "A general error has occurred. See ExtendedInfo for more information.",
"@Message.ExtendedInfo": [
{
"@odata.type": "#Message.v1_0_0.Message",
"MessageId": "Base.1.0.Success",
"RelatedProperties": [],
"Message": "Successfully Completed Request",
"MessageArgs": [],
"Severity": "OK",
"Resolution": "None"
}
]
}
}响应码:200