enrollment_certificates¶
The following methods allow for interaction with the ZPA ZPA Enrollment Certificates API endpoints.
Methods are accessible via zpa.enrollment_certificates
Copyright (c) 2023, Zscaler Inc.
Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED “AS IS” AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- class EnrollmentCertificateAPI¶
Bases:
APIClientA Client object for the Enrollment Certificates resource.
- add_enrollment_cert(**kwargs)¶
Creates a new Enrollment Certificate.
- Parameters:
name (str) – The name of the new Enrollment certificate
description (str) – The description of the new Enrollment certificate
client_cert_type (str) – The client of the enrollment certificate. Values: ZAPP_CLIENT, ISOLATION_CLIENT
valid_from (str) – The start date/time of the enrollment certificate in RFC1123 format. Mon, 12 May 2025 16:00:00
valid_to (str) – The end date/time of the enrollment certificate in RFC1123 format. Mon, 12 May 2026 16:00:00
time_zone (str) – The time zone in IANA format Time America/Los_Angeles
parent_cert_id (str) – The unique identifier of the root certifi
- Returns:
EnrollmentCertificate: The created Enrollment Certificate object.
- Return type:
Tuple
Example
Add a new enrollment certificate
>>> added_cert, _, err = client.zpa.enrollment_certificates.add_enrollment_cert( ... name=f"NewCertZAPP_CLIENT_{random.randint(1000, 10000)}", ... description=f"NewCertZAPP_CLIENT_{random.randint(1000, 10000)}", ... parent_cert_id='8965' ... client_cert_type="ZAPP_CLIENT" ... valid_from="Mon, 12 May 2025 16:00:00", ... valid_to="Mon, 12 May 2026 13:30:00", ... time_zone="America/Los_Angeles" ... ) >>> if err: ... print(f"Error creating self signed certificate: {err}") ... return ... print(f"Self signed certificate added successfully: {added_cert.as_dict()}")
- delete_enrollment_certificate(cert_id, dry_run=None)¶
Deletes the specified enrollment certificate.
- Parameters:
- Returns:
Status code of the delete operation.
- Return type:
Example
Delete enrollment certificate by ID
>>> _, _, err = client.zpa.enrollment_certificates.delete_enrollment_certificate('8569') ... if err: ... print(f"Error deleting certificate: {err}") ... return ... print(f"Certificate with ID '8569' deleted successfully.")
- generate_csr(**kwargs)¶
Generates a new csr.
- Parameters:
- Returns:
The created Enrollment CSR object.
- Return type:
Tuple
Example
Basic example: Add a new Enrollment CSR
>>> added_csr, _, err = client.zpa.enrollment_certificates.generate_csr( ... name=f"NewEnrollementCertCSR_{random.randint(1000, 10000)}", ... description=f"NewEnrollementCertCSR_{random.randint(1000, 10000)}", ... ) >>> if err: ... print(f"Error enrollment certificate csr: {err}") ... return ... print(f"Enrollment certificate csr added successfully: {added_csr.as_dict()}") ... print(added_csr.csr)
- generate_self_signed(**kwargs)¶
Generates a new csr.
- Parameters:
name (str) – The name of the self signed Enrollment certificate
description (str) – The description of the signed Enrollment certificate
client_cert_type (str) – The client of the enrollment certificate. Values: ZAPP_CLIENT, ISOLATION_CLIENT
valid_from (str) – The start date/time of the enrollment certificate in RFC1123 format. Mon, 12 May 2025 16:00:00
valid_to (str) – The end date/time of the enrollment certificate in RFC1123 format. Mon, 12 May 2026 16:00:00
time_zone (str) – The time zone in IANA format Time America/Los_Angeles
root_certificate_id (str) – The unique identifier of the root certificate.
- Returns:
The created Self Signed certificate object.
- Return type:
Tuple
Example
Add a new Self Signed certificate
>>> added_cert, _, err = client.zpa.enrollment_certificates.generate_self_signed( ... name=f"NewCertZAPP_CLIENT_{random.randint(1000, 10000)}", ... description=f"NewCertZAPP_CLIENT_{random.randint(1000, 10000)}", ... client_cert_type="ZAPP_CLIENT" ... valid_from="Mon, 12 May 2025 16:00:00", ... valid_to="Mon, 12 May 2026 13:30:00", ... time_zone="America/Los_Angeles" ... ) >>> if err: ... print(f"Error creating self signed certificate: {err}") ... return ... print(f"Self signed certificate added successfully: {added_cert.as_dict()}") ... print(added_cert.zrsaencryptedprivatekey)
Add a new Self Signed certificate with Root Certificate ID
>>> added_cert, _, err = client.zpa.enrollment_certificates.generate_self_signed( ... name=f"NewCertZAPP_CLIENT_{random.randint(1000, 10000)}", ... description=f"NewCertZAPP_CLIENT_{random.randint(1000, 10000)}", ... client_cert_type="ZAPP_CLIENT" ... root_certificate_id='2519', ... valid_from="Mon, 12 May 2025 16:00:00", ... valid_to="Mon, 12 May 2026 13:30:00", ... time_zone="America/Los_Angeles" ... ) >>> if err: ... print(f"Error creating self signed certificate: {err}") ... return ... print(f"Self signed certificate added successfully: {added_cert.as_dict()}") ... print(added_cert.zrsaencryptedprivatekey)
- get_enrolment(certificate_id)¶
Returns information on the specified enrollment certificate.
- Parameters:
certificate_id (str) – The unique ID of the enrollment certificate.
- Returns:
A tuple containing the EnrollmentCertificate instance, response object, and error if any.
- Return type:
Tuple
Examples
>>> fetched_cert, _, err = client.zpa.certificates.get_enrolment('999999') ... if err: ... print(f"Error fetching certificate by ID: {err}") ... return ... print(fetched_cert.id)
- list_enrolment(query_params=None)¶
Enumerates Enrollment Certificates in your organization with pagination. A subset of Enrollment Certificates can be returned that match a supported filter expression or query.
- Parameters:
{dict} (query_params) –
Map of query parameters for the request.
[query_params.page]{str}: Specifies the page number.[query_params.page_size]{str}: Specifies the page size.If not provided, the default page size is 20. The max page size is 500.
[query_params.search]{str}: Search string for filtering results.- Returns:
A tuple containing (list of EnrollmentCertificate instances, Response, error)
- Return type:
Tuple
Examples
Retrieve enrollment certificates with pagination parameters:
>>> cert_list, _, err = client.zpa.enrollment_certificates.list_enrolment( ... query_params={'search': 'Connector', 'page': '1', 'page_size': '100'}) ... if err: ... print(f"Error listing certificates: {err}") ... return ... print(f"Total certificates found: {len(cert_list)}") ... for cert in cert_list: ... print(cert.as_dict())
- update_enrollment(cert_id, **kwargs)¶
Updates the specified enrollment certificate.
- Parameters:
cert_id (str) – The unique identifier for the enrollment certificate being updated.
- Returns:
SegmentGroup: The updated enrollment certificate object.
- Return type:
Tuple
Example
Add a new enrollment certificate
>>> added_cert, _, err = client.zpa.enrollment_certificates.add_enrollment_cert( ... name=f"NewCertZAPP_CLIENT_{random.randint(1000, 10000)}", ... description=f"NewCertZAPP_CLIENT_{random.randint(1000, 10000)}", ... parent_cert_id='8965' ... client_cert_type="ZAPP_CLIENT" ... valid_from="Mon, 12 May 2025 16:00:00", ... valid_to="Mon, 12 May 2026 13:30:00", ... time_zone="America/Los_Angeles" ... ) >>> if err: ... print(f"Error creating self signed certificate: {err}") ... return ... print(f"Self signed certificate added successfully: {added_cert.as_dict()}")