Difference between revisions of "Venafi api"

From UVOO Tech Wiki
Jump to navigation Jump to search
(Created page with "Platform->API->Integrations # Get Cert .env ``` set -a API_HOST=venafi.example.com USERNAME=foo PASSWORD=bar CLIENT_ID=apiIntergrationName SCOPE="certificate:manage" ``` `...")
 
Line 30: Line 30:
  
 
shopt -s expand_aliases
 
shopt -s expand_aliases
alias scurl="curl -s -b cookies.txt -c cookies.txt -H 'Content-type: application/json' -H 'Accept: application/json'"
+
alias scurl="curl -sS -b cookies.txt -c cookies.txt -H 'Content-type: application/json' -H 'Accept: application/json'"
  
 
json=$(cat <<-EOF
 
json=$(cat <<-EOF
Line 42: Line 42:
 
)
 
)
  
token=$(scurl -X POST https://$API_HOST/vedauth/authorize/oauth -d "${json}" | jq -r .access_token)
+
rsp=$(scurl -X POST https://$API_HOST/vedauth/authorize/oauth -d "${json}")
 +
token=$(echo "$rsp" | jq -r .access_token)
  
 
url="https://$API_HOST/vedsdk/Certificates/Retrieve"
 
url="https://$API_HOST/vedsdk/Certificates/Retrieve"
Line 62: Line 63:
  
 
rsp=$(scurl -H "Authorization:Bearer ${token}" -d "$json" "$url")
 
rsp=$(scurl -H "Authorization:Bearer ${token}" -d "$json" "$url")
# echo "$rsp"
 
  
 
echo "$rsp" | jq -r .CertificateData | base64 -d
 
echo "$rsp" | jq -r .CertificateData | base64 -d
 
```
 
```

Revision as of 17:37, 7 April 2023

Platform->API->Integrations

Get Cert

.env

set -a
API_HOST=venafi.example.com
USERNAME=foo
PASSWORD=bar
CLIENT_ID=apiIntergrationName
SCOPE="certificate:manage"

. .env

Get cert example via path

#!/bin/bash
set -eu
if [ "$#" -ne 1 ]; then
  echo "Usage: $0 <cert path>"
  echo "Example: $0 \"MyFolder\Subfolder\mycert1\""
  exit
fi
cert_path=$1

shopt -s expand_aliases
alias scurl="curl -sS -b cookies.txt -c cookies.txt -H 'Content-type: application/json' -H 'Accept: application/json'"

json=$(cat <<-EOF
  {
    "client_id":"$CLIENT_ID",
    "username":"${USERNAME}",
    "password":"${PASSWORD}",
    "scope":"${SCOPE}"
  }
EOF
)

rsp=$(scurl -X POST https://$API_HOST/vedauth/authorize/oauth -d "${json}")
token=$(echo "$rsp" | jq -r .access_token)

url="https://$API_HOST/vedsdk/Certificates/Retrieve"

    cert_path=$(echo $cert_path | sed 's/\\/\\\\/g')
    cert_prefix="\VED\Policy\Certificates\\"
    cert_prefix=$(echo $cert_prefix | sed 's/\\/\\\\/g')
    cert_dn="${cert_prefix}${cert_path}"

json=$(cat <<-EOF
  {
    "CertificateDN":"${cert_dn}",
    "Format":"Base64",
    "IncludeChain":"true",
    "RootFirstOrder":"true"
  }
EOF
)

rsp=$(scurl -H "Authorization:Bearer ${token}" -d "$json" "$url")

echo "$rsp" | jq -r .CertificateData | base64 -d