In November 2020, the Apigee Edge API reference documentation will move to a new experience based on the Apigee integrated portal and visitors to this site will be redirected.

You are viewing the Apigee Edge API reference documentation. For the main product docs, and to search all docs, go to

Create an alias from certificate and key PEM files

Resource Summary


Content Type



Keystores and Truststores,



Create an alias from certificate and key PEM files

Creates a new alias in the keystore from a certificate/key pair. This method requires the certificate and key to be in separate PEM files.


If you want to create a truststore, create aliases from certificates only. For details, see Create an alias from a certificate PEM file.


Deprecation Warning: The password query paramater to this method has been deprecated for security reasons. If the private key requires a password, you must pass it as multipart/form-data. For example, if you are using cURL, use the -F password option to specify the password:


curl -X POST -H "Content-Type: multipart/form-data" \
-F keyFile="@server.key" -F certFile="@signed.crt" \
-F password=key_pword \
"{org_name}/e/{env_name}/keystores/{keystore_name}/aliases?alias={alias_name}&format=keycertfile" \
-u orgAdminEmail:password 


See Creating keystores and truststores using the Edge management API for more examples.

Resource URL /organizations/{org_name}/environments/{env_name}/keystores/{keystore_name}/aliases

Query Parameters

Name Values Description

Alias name.


Type of alias creation. This value must be keycertfile.


Flag that specifies whether to validate that the certificate hasn't expired. Set this value to true to skip validation.



Flag that specifies whether the Edge sys admin can download the private key. Set to true to enable the private key to be downloaded.


If false, do not throw an error when the certFile contains a chain with no newline between each cert. By default, Edge requires a newline between each cert in a chain.

Header Parameters

Name Values Description

Set to multipart/form-data.


Name Value Description

Private key file in PEM format.


Certificate file in PEM format.

Request Body

org_name Mention the organization name true

env_name Mention the environment name true

keystore_name Mention the keystore name true

HTTP Basic

OAuth 2.0



Make a request and see the response.

Make a request and see the response.

Make a request and see the response.


Help or comments?

  • If something's not working: Ask the Apigee Community or see Apigee Support.
  • If something's wrong with the docs: Click the "Send Feedback" button.
    (Incorrect? Unclear? Broken link? Typo?)