Send Docs Feedback

See the main Apigee documentation at Perform site search there as well.

Upload a Certificate to a Truststore

Resource Summary


Content Type



Keystores and Truststores,



Upload a Certificate to a Truststore

Uploads a certificate to a truststore in an environment.


If the cert is part of a chain, then the truststore must contain all certs in the chain, either as individual PEM or DER files or as a single file. If you use a single file, then the certs must be in order where the first cert in the file is the certificate used for TLS followed by the chain of certs, in order, to the CA certificate.


The final certificate is typically signed by the certificate issuer. For example, in the truststore, you upload a client certificate, client_cert_1, and the client certificate issuer's certificate, ca_cert. For more information, see Keystores and Truststores.


This API validates the following:

  • That file size is no larger than 50KB.
  • That the certificate is of type PEM or DER.
  • That the certificate is not expired. To bypass this validation, set ignoreExpiryValidation=true.

Resource URL /organizations/{org_name}/environments/{env_name}/keystores/{keystore_name}/certs

Query Parameters

Name Values Description

Specifies the alias name of the certificate used to create a virtual host.


By default, the API checks to make sure the certificate hasn't expired. Set to false to have the API validate for certificate expiration.


If false, do not throw an error when the file contains a chain with no newline between each cert. By default, Edge requires a newline between each cert in a chain.


Name Value Description

Specify the PEM or DER file containing the cert.

Request Body

org_name Mention the organization name true

env_name Mention the environment name true

keystore_name Mention the truststore name true

HTTP Basic

OAuth 2.0



Make a request and see the response.

Make a request and see the response.

Make a request and see the response.


Help or comments?