API - System Health and Monitoring

This section details the API endpoint for retrieving system health and monitoring data, specifically focusing on Certificate Authority (CA) trust levels and rotation recommendations. This API is designed for programmatic consumption by monitoring systems, dashboards, and other applications that require a real-time overview of the PKI system's operational and security status.

Key Functionality

Get System Health

  • Endpoint: GET /api/v1/dashboard/system-health
  • Description: Retrieves a comprehensive summary of the PKI system's health, focusing on Certificate Authorities and their security posture.
  • Response: Returns a JSON object containing:
    • certificate_authorities: An array of all CAs, each including:
      • id, name, type.
      • trust_security_level: The computed security level of the CA (e.g., very_secure, secure, normal, corrupted, compromised).
      • password_protected: Boolean, indicating if the CA's private key is password-protected.
      • is_active: Boolean, indicating if the CA is active.
      • valid_until: The expiration date of the CA certificate.
      • certificates_issued: The total number of certificates issued by this CA.
    • rotation_recommendations: An array of CAs that require rotation, each including:
      • ca_id, ca_name.
      • urgency: The priority level for rotation (critical, high, medium, normal).
      • reason: A human-readable explanation for why the CA needs rotation.
    • statistics: Aggregated statistics, including:
      • total_cas: Total number of CAs.
      • active_cas: Number of active CAs.
      • password_protected_cas: Number of CAs with password-protected private keys.
      • trust_levels: A breakdown of CAs by their trust_security_level.

Inferred Specifications

  • API-Driven Operational Visibility: Provides a programmatic interface for continuous monitoring of the PKI system's health and security status.
  • CA Trust Level Reporting: Exposes the trust_security_level for each CA, offering a quick assessment of the security posture of individual Certificate Authorities.
  • Proactive Rotation Alerts: The API delivers actionable rotation recommendations, including urgency and clear reasons, enabling automated alerting and proactive management of CA lifecycles.
  • Detailed CA Statistics: Offers a granular breakdown of CAs by various attributes, such as activity status, password protection, and security trust levels, which is valuable for reporting and compliance.
  • Simplified Rotation Reasons: The getRotationReason helper method ensures that rotation recommendations are presented with clear, human-readable explanations, facilitating quick understanding and action.
  • Integration with Monitoring Systems: Designed to be easily integrated with external monitoring dashboards and alerting systems to provide real-time insights into PKI operations.
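
The sketch below shows how a monitoring job might turn one system-health response into alerts. It is an added example, not code from the project. The sample payload is constructed, and the ISO 8601 valid_until format, the level-to-count shape of trust_levels, the "type" values, the 90-day expiry threshold and the page/warn severity policy are all assumptions.

```python
import json
from datetime import datetime, timezone

# Constructed sample shaped like the documented response. Assumptions: valid_until
# is ISO 8601 and statistics.trust_levels maps each level to a count.
SAMPLE = json.loads("""
{
  "certificate_authorities": [
    {"id": 1, "name": "Root CA", "type": "root", "trust_security_level": "very_secure",
     "password_protected": true, "is_active": true,
     "valid_until": "2035-01-01T00:00:00+00:00", "certificates_issued": 3},
    {"id": 2, "name": "Issuing CA", "type": "intermediate", "trust_security_level": "compromised",
     "password_protected": false, "is_active": true,
     "valid_until": "2026-03-01T00:00:00+00:00", "certificates_issued": 412}
  ],
  "rotation_recommendations": [
    {"ca_id": 2, "ca_name": "Issuing CA", "urgency": "critical", "reason": "constructed reason text"}
  ],
  "statistics": {"total_cas": 2, "active_cas": 2, "password_protected_cas": 1,
                 "trust_levels": {"very_secure": 1, "compromised": 1}}
}
""")

PAGE_URGENCY = {"critical", "high"}          # assumed policy: these urgencies page someone
BAD_LEVELS = {"corrupted", "compromised"}    # assumed policy: these levels are incidents

def evaluate(health, now=None, expiry_days=90):
    """Return sorted (severity, ca_id, message) alerts for one system-health response."""
    now = now or datetime.now(timezone.utc)
    alerts = []
    cas = health["certificate_authorities"]
    for ca in cas:
        if ca["trust_security_level"] in BAD_LEVELS:
            alerts.append(("page", ca["id"], "trust level " + ca["trust_security_level"]))
        if ca["is_active"] and not ca["password_protected"]:
            alerts.append(("warn", ca["id"], "active CA key not password-protected"))
        left = (datetime.fromisoformat(ca["valid_until"]) - now).days
        if ca["is_active"] and left < expiry_days:
            alerts.append(("warn", ca["id"], f"CA certificate expires in {left} days"))
    for rec in health["rotation_recommendations"]:
        sev = "page" if rec["urgency"] in PAGE_URGENCY else "warn"
        alerts.append((sev, rec["ca_id"], f"rotate ({rec['urgency']}): {rec['reason']}"))
    # Cross-check aggregates against the array so a truncated response is noticed.
    stats = health["statistics"]
    if stats["total_cas"] != len(cas) or stats["active_cas"] != sum(c["is_active"] for c in cas):
        alerts.append(("warn", None, "statistics disagree with certificate_authorities"))
    return sorted(alerts, key=lambda a: (a[0], a[1] or 0))
```

In a real job the dictionary passed to evaluate would be the parsed body of GET /api/v1/dashboard/system-health rather than SAMPLE.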
