Certificate Managementlink
REST API supports the following certificate management actions:
Approve a certificatelink
Approves a certificate for a connector, so Fivetran trusts this certificate for a source database. The connector setup tests will fail if a non-approved certificate is provided.
Requestlink
POST api.fivetran.com/v1/certificates
{
"connector_id": "projected_sickle",
"hash": "r+u4QL4MGvZe...",
"encoded_cert": "MIID9DCCAtygAwIBAgIBQjANBgkqhkiG9w0BAQUFADCBijELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxIjAgBgNVBAoMGUFtYXpvbiBXZWIgU2VydmljZXMsIEluYy4xEzARBgNVBAsMCkFtYXpvbiBSRFMxGzAZBgNVBAMMEkFtYXpvbiBSRF..."
}
Payload parameters
Name | Description |
---|---|
connector_id (required) |
The unique identifier for the connector. |
hash (required) |
Hash of the certificate. See how to get hash value in the Get certificate details section. |
encoded_cert (required) |
The certificate encoded in base64. See how to get encoded_cert value in the Get certificate details section. |
Responselink
HTTP 200 Success
{
"code": "Success",
"message": "The certificate has been trusted"
}
Get certificate detailslink
To get the certificate details, retain the default when you create a database connector with the Fivetran REST API. (Do not set "trust_certficates": true
when you create a database connector with API)
The setup test verifying the certificate will fail with a message that includes the hash
and encoded_cert
parameters you need:
{
"code": "Success",
"message": "Connector has been created",
"data": {
...,
"setup_tests": [
{
"title": "SSH Tunnel Connection",
"status": "SKIPPED",
"message": ""
},
{
"title": "Host Connection",
"status": "PASSED",
"message": ""
},
{
"title": "Validate Certificate",
"status": "FAILED",
"message": "No trust anchors for this connection",
"details": [
{
"hash": "r+u4QL4MGvZeY+DL15zONWVL...",
"name": "CN=Amazon RDS Root CA, OU=Amazon RDS, O=\"Amazon Web Services, Inc.\", L=Seattle, ST=Washington, C=US",
"public_key": "Sun RSA public key, 2048 bits\n modulus: 2325899...\n public exponent: 65537",
"encoded_cert": "MIID9DCCAtygAwIBAgIBQjANBgkqhkiG9w0BAQUFADCBijELMA...",
"sha1": "e8118856e7a7ce3...",
"sha256": "afebb840be0c1af65e63e0cbd79c..."
}
]
}
],
...
}
}
After you get the failed test message, note the values of hash
and encoded_cert
.
Send a POST request to the Fivetran API certificates endpoint with the hash
and encoded_cert
you just learned.
Approve a fingerprintlink
Approves a fingerprint, so Fivetran trusts this fingerprint for a source database, and the connector can connect to the source through an SSH tunnel. The connector setup tests will fail if a non-approved fingerprint is provided.
Requestlink
POST api.fivetran.com/v1/fingerprints
{
"connector_id": "projected_sickle",
"hash": "eUtPirI6yy...",
"public_key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC6 ... fivetran user key"
}
Payload parameters
Name | Description |
---|---|
connector_id (required) |
The unique identifier for the connector. |
hash (required) |
Hash of the fingerprint. See how to get hash value in the Get fingerprint details section. |
public_key (required) |
The SSH public key. See how to get public_key value in the Get fingerprint details section. |
Responselink
HTTP 200 Success
{
"code": "Success",
"message": "The fingerprint has been trusted"
}
Get fingerprint detailslink
To get the fingerprint details, retain the default when you create a database connector with the Fivetran REST API. (Do not set "trust_fingerprints": true
when you create a database connector with API)
The setup test verifying the fingerprint will fail with a message that includes the hash
and public_key
parameters you need:
{
"code": "Success",
"message": "Connector has been created",
"data": {
...,
"setup_tests": [
{
"title": "SSH Tunnel Connection",
"status": "FAILED",
"message": "The ssh key might have changed",
"details": {
"hash": "eUtPirI6yy...",
"public_key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC6 ... fivetran user key",
"type": "ssh-rsa",
"name": "fivetran user key"
}
},
{
"title": "Host Connection",
"status": "PASSED",
"message": ""
},
{
"title": "Validate Certificate",
"status": "SKIPPED",
"message": ""
}
],
...
}
}
After you get the failed test message, note the values of hash
and public_key
.
Send a POST request to the Fivetran API fingerprints endpoint with the hash
and public_key
you just learned.