System Information
This page documents the endpoints that reflect the system state and configuration of IDIAL. These include general system information, scheduler settings, GDS and CRL status, and supported device types.
GET /systeminfo
Returns general system information without requiring authentication. This endpoint is intended for use in monitoring systems and health checks.
Authentication: Not required
Request
curl -X GET http://localhost:5000/systeminfo
Response 200
{
"status": 0,
"software": "IDIAL @ BxC",
"version": "1.2.3",
"infrastructure": {
"db_version": "v1.2.0",
"sqlite_version": "3.45.1",
"python_version": "3.11.7",
"debian_version": "Debian 12.4",
"openssl_version": "OpenSSL 3.0.11 19 Sep 2023",
"idial_version": "0.3.1",
"updated_at": "2026-03-06 10:30:45"
},
"gds_push_scheduler_status": "running",
"gds_push_scheduler_active": true,
"gds_push_scheduler_renewal_days": 30,
"gds_push_scheduler_scan_interval_sec": 3600,
"monitor_scheduler_status": "running",
"monitor_scheduler_active": true,
"monitor_scheduler_scan_interval_sec": 3600,
"show_inactive_devices": false
}
Response Fields
| Field | Type | Description |
|---|---|---|
status | integer | Operational status of the system. Value: 0 = Ready. Enables consistent status reporting for monitoring systems. |
software | string | Software identifier. Fixed value: "IDIAL @ BxC". |
version | string | IDIAL software version information. Format: Semantic versioning (e.g., "1.2.3"). Purpose: Version checking and update management. |
infrastructure.db_version | string | Version of the database schema. Purpose: Database migration and compatibility checking. Example: "v1.2.0", "schema_20240305". |
infrastructure.sqlite_version | string | SQLite database engine version. Purpose: Verification of database compatibility and supported features. Example: "3.38.5", "3.45.1". |
infrastructure.python_version | string | Python interpreter version. Purpose: Runtime compatibility and dependency management. Example: "3.11.7", "3.13.2". |
infrastructure.debian_version | string | Operating system version of the container. Purpose: System compatibility and security patch status. Example: "Debian 12.4", "Ubuntu 22.04.3 LTS". |
infrastructure.openssl_version | string | Version of the OpenSSL cryptographic library. Purpose: Availability of security features and vulnerability assessment. Example: "OpenSSL 3.0.11 19 Sep 2023". |
infrastructure.idial_version | string | IDIAL application version (may differ from the main version). Purpose: Component-specific version tracking. Example: "0.3.1". |
infrastructure.updated_at | string | Timestamp of the last infrastructure information update. Format: ISO 8601. Purpose: Verification of data currency. Example: "2026-03-06 10:30:45". |
gds_push_scheduler_status | string | Current execution status of the GDS Push scheduler |
gds_push_scheduler_active | boolean | Indicates whether the GDS Push scheduler is active |
gds_push_scheduler_renewal_days | integer | Days before expiry at which renewal is triggered |
gds_push_scheduler_scan_interval_sec | integer | Scheduler scan interval in seconds |
monitor_scheduler_status | string | Current execution status of the monitor scheduler |
monitor_scheduler_active | boolean | Indicates whether the monitor scheduler is active |
monitor_scheduler_scan_interval_sec | integer | Monitor scheduler scan interval in seconds |
show_inactive_devices | boolean | Indicates whether inactive devices are shown in the inventory |
This endpoint was accessible under GET /get-info in earlier API versions. The path has been updated to /systeminfo.
Response 500
{"error": "string"}
POST /systeminfo
Updates the system configuration. This endpoint can be used to enable or disable schedulers and adjust scan intervals.
Authentication: Required (X-API-Key header)
Request
curl -X POST http://localhost:5000/systeminfo \
-H "X-API-Key: your-api-key" \
-H "Content-Type: application/json" \
-d '{"gds_push_scheduler_active": true, "gds_push_scheduler_renewal_days": 30}'
Request Body
{
"gds_push_scheduler_active": true,
"gds_push_scheduler_renewal_days": 30,
"gds_push_scheduler_scan_interval_sec": 3600,
"monitor_scheduler_active": true,
"monitor_scheduler_scan_interval_sec": 3600,
"show_inactive_devices": false
}
All fields are optional. Only the submitted fields are updated.
Response 200
The response matches the format of GET /systeminfo.
Response 500
{"error": "string"}
GET /gds/systeminfo
Returns GDS-specific system information, including supported OPC UA security policies, security modes, and operating modes.
Authentication: Required (X-API-Key header)
Response 200
JSON object with the GDS security configuration.
This endpoint returns the OPC UA Global Discovery Server (GDS) configuration as supported by the OPC UA client stack of the IDIAL container.
GET /crl/systeminfo
Returns the status of the CRL subsystem (Certificate Revocation List) as well as the status and reason code mappings used by IDIAL. These mappings are used internally during the CRL check process and are stored in the database.
Authentication: Required (X-API-Key header)
Response 200
{
"statuses": [
{ "id": 0, "name": "unknown", "description": "certificate revocation status is unknown or was not checked yet", "is_revoked": null },
{ "id": 1, "name": "not_revoked", "description": "certificate was checked against a CRL and is not revoked", "is_revoked": false },
{ "id": 2, "name": "revoked", "description": "certificate is listed as revoked in the CRL", "is_revoked": true },
{ "id": 3, "name": "certificate_missing", "description": "no certificate is stored for this asset", "is_revoked": null },
{ "id": 4, "name": "crl_missing", "description": "no CRL was available for the certificate", "is_revoked": null },
{ "id": 5, "name": "ca_missing", "description": "no issuing CA certificate was available for CRL validation", "is_revoked": null },
{ "id": 6, "name": "cert_chain_invalid", "description": "certificate chain is invalid for the configured issuing CA", "is_revoked": null },
{ "id": 7, "name": "ca_crlsign_missing", "description": "issuing CA certificate does not allow CRL signing", "is_revoked": null },
{ "id": 8, "name": "crl_issuer_mismatch", "description": "CRL issuer does not match the configured issuing CA", "is_revoked": null },
{ "id": 9, "name": "crl_signature_invalid", "description": "CRL signature could not be verified with the issuing CA", "is_revoked": null },
{ "id": 10, "name": "crl_time_invalid", "description": "CRL is outside its validity window", "is_revoked": null },
{ "id": 11, "name": "parsing_error", "description": "certificate, CA, or CRL could not be parsed correctly", "is_revoked": null },
{ "id": 12, "name": "self_signed", "description": "certificate is a self-signed certificate", "is_revoked": false }
],
"reasons": [
{ "id": 0, "name": "unspecified", "description": "no specific revocation reason was provided" },
{ "id": 1, "name": "keyCompromise", "description": "the subject private key is suspected to be compromised" },
{ "id": 2, "name": "cACompromise", "description": "the issuing CA private key is suspected to be compromised" },
{ "id": 3, "name": "affiliationChanged", "description": "the subject affiliation changed" },
{ "id": 4, "name": "superseded", "description": "the certificate was superseded" },
{ "id": 5, "name": "cessationOfOperation", "description": "the certificate is no longer needed because operations ceased" },
{ "id": 6, "name": "certificateHold", "description": "the certificate was temporarily placed on hold" },
{ "id": 8, "name": "removeFromCRL", "description": "the certificate was removed from a delta CRL" },
{ "id": 9, "name": "privilegeWithdrawn", "description": "the subject privileges were withdrawn" },
{ "id": 10,"name": "aACompromise", "description": "the attribute authority is suspected to be compromised" }
]
}
Response Fields
statuses[] — List of all known CRL check statuses
| Field | Type | Description |
|---|---|---|
id | integer | Internal identifier of the status, referenced in inventory entries |
name | string | Machine-readable status name |
description | string | Human-readable description of the status |
is_revoked | boolean | null | true = revoked, false = not revoked, null = indeterminate (e.g., CRL not available) |
reasons[] — List of RFC 5280-compliant revocation reasons
| Field | Type | Description |
|---|---|---|
id | integer | Numeric reason code per RFC 5280 |
name | string | Reason code name in CamelCase (corresponds to the OID name from RFC 5280) |
description | string | Human-readable explanation of the revocation reason |
The id values in reasons correspond directly to the RFC 5280 CRLReason codes. Reason code 7 (removeFromCRL in the delta CRL context) is not listed internally; id: 8 is removeFromCRL per RFC 5280 numbering.
GET /supported-devices
Returns a list of all OPC UA device types that IDIAL supports for certificate management via GDS Push. IDIAL maintains a compatibility list of device manufacturers and firmware versions that have been tested.
Authentication: Required (X-API-Key header)
Response 200
[
{
"id": 0,
"device_name": "SIMATIC S7-1500 OPC UA",
"firmware_version": "V02.09.04"
},
{
"id": 1,
"device_name": "SIMATIC S7-1500 OPC UA",
"firmware_version": "V03.01.03"
}
]
Response Fields
| Field | Type | Description |
|---|---|---|
id | integer | Internal identifier of the device/firmware combination. Referenced when adding an inventory entry (supported_device_firmware_id). |
device_name | string | Name of the device manufacturer and device type |
firmware_version | string | Tested and supported firmware version |
Use this endpoint to check whether a particular device model is supported before adding an OPC UA device to the inventory.