Certificate Management

REST API supports the following certificate management actions:

Approve a certificate

Approve a certificate

Approves a certificate for a connector, so Fivetran trusts this certificate for a source database. The connector setup tests will fail if a non-approved certificate is provided.

Request

POST api.fivetran.com/v1/certificates

{
    "connector_id": "projected_sickle",
    "hash": "r+u4QL4MGvZe...",
    "encoded_cert": "MIID9DCCAtygAwIBAgIBQjANBgkqhkiG9w0BAQUFADCBijELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIEluYy4xEzARBgNVBAsMCkFtYXpvbiBSRFMxGzAZBgNVBAMMEkFtYXpvbiBSRF..."
}

Payload parameters

Name	Description
`connector_id` (required)	The unique identifier for the connector.
`hash` (required)	Hash of the certificate. See how to get `hash` value in the Get certificate details section.
`encoded_cert` (required)	The certificate encoded in base64. See how to get `encoded_cert` value in the Get certificate details section.

Response

HTTP 200 Success

{
    "code": "Success",
    "message": "The certificate has been trusted"
}

Get certificate details

To get the certificate details, retain the default when you create a database connector with the Fivetran REST API. (Do not set "trust_certficates": true when you create a database connector with API)

The setup test verifying the certificate will fail with a message that includes the hash and encoded_cert parameters you need:

{
    "code": "Success",
    "message": "Connector has been created",
    "data": {
        ...,

        "setup_tests": [
            {
                "title": "SSH Tunnel Connection",
                "status": "SKIPPED",
                "message": ""
            },
            {
                "title": "Host Connection",
                "status": "PASSED",
                "message": ""
            },
            {
                "title": "Validate Certificate",
                "status": "FAILED",
                "message": "No trust anchors for this connection",
                "details": [
                    {
                        "hash": "r+u4QL4MGvZeY+DL15zONWVL...",
                        "name": "CN=Amazon RDS Root CA, OU=Amazon RDS, O=\"Amazon Web Services, Inc.\", L=Seattle, ST=Washington, C=US",
                        "public_key": "Sun RSA public key, 2048 bits\n  modulus: 2325899...\n  public exponent: 65537",
                        "encoded_cert": "MIID9DCCAtygAwIBAgIBQjANBgkqhkiG9w0BAQUFADCBijELMA...",
                        "sha1": "e8118856e7a7ce3...",
                        "sha256": "afebb840be0c1af65e63e0cbd79c..."
                    }
                ]
            }
        ],

        ...
    }
}

After you get the failed test message, note the values of hash and encoded_cert.

Send a POST request to the Fivetran API certificates endpoint with the hash and encoded_cert you just learned.