Add Management Certificate

Updated: October 22, 2012

The Add Management Certificate operation adds a certificate to the list of management certificates. Management certificates, which are also known as subscription certificates, authenticate clients attempting to connect to resources associated with your Windows Azure subscription.

Request

The Add Management Certificate request may be constructed as follows. Replace <subscription-id> with the name of your subscription ID:

Method	Request URI	HTTP Version
POST	`https://management.core.windows.net/<subscription-id>/certificates`	HTTP/1.1

URI Parameters

None.

Request Headers

The following table describes required and optional request headers.

Request Header	Description
x-ms-version	Required. Specifies the version of the operation to use for this request. This header must be set to 2012-03-01 or later. For more information about versioning headers, see Service Management Versioning.

Request Body

The format of the request body is as follows:


< SubscriptionCertificate xmlns=”http://schemas.microsoft.com/windowsazure”>
   <SubscriptionCertificatePublicKey>base64-public-key</SubscriptionCertificatePublicKey>
   <SubscriptionCertificateThumbprint>certificate-thumbprint</SubscriptionCertificateThumbprint>
   <SubscriptionCertificateData>base64-certificate-raw-data</SubscriptionCertificateData>
</SubscriptionCertificate>

Request Elements

The following table describes the key elements in the request body:

Request Element	Description
SubscriptionCertificatePublicKey	A base64 representation of the management certificate public key.
SubscriptionCertificateThumbprint	The thumb print that uniquely identifies the management certificate.
SubscriptionCertificateData	The certificate’s raw data in base-64 encoded .cer format.

Response

The response includes an HTTP status code, a response body, and a set of response headers.

Status Code

If the subscription already has 10 certificates associated with it, the operation will return status code 400 (BadRequest).A successful operation returns status code 200 (OK).

For information about status codes, see Service Management Status and Error Codes.

Response Headers

The response for this operation includes the following headers. The response may also include additional standard HTTP headers. All standard headers conform to the HTTP/1.1 protocol specification.

Response Header	Description
x-ms-request-id	This header uniquely identifies the request that was made and can be used for troubleshooting the request. For more information, see Troubleshooting API Operations.

Response Body

None.

Authorization

Any management certificate associated with the subscription specified by <subscription-id> can be used to authenticate this operation. For additional details, see Authenticating Service Management Requests.

Remarks

The Add Management Certificate operation adds an X.509 management certificate to a list of certificates associated with a Windows Azure subscription. Management certificates, also called subscription certificates, are used to authenticate clients attempting to access resources in your Windows Azure Subscription. For more information on certificates, see Overview of Certificates in Windows Azure.

Each subscription can store a maximum of 25 management certificates. Attempting to add a 26th certificate to a subscription will result in an error, and return status code 400 (BadRequest).

The first management certificate associated with a particular subscription can only be added through the Windows Azure management portal. This is necessary because there is no existing management certificate to authenticate the operation.