Venafi api

From UVOO Tech Wiki
Revision as of 17:28, 7 April 2023 by Busk (talk | contribs) (Created page with "Platform->API->Integrations # Get Cert .env ``` set -a API_HOST=venafi.example.com USERNAME=foo PASSWORD=bar CLIENT_ID=apiIntergrationName SCOPE="certificate:manage" ``` `...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Platform->API->Integrations

Get Cert

.env 

set -a
API_HOST=venafi.example.com
USERNAME=foo
PASSWORD=bar
CLIENT_ID=apiIntergrationName
SCOPE="certificate:manage"


. .env

Get cert example via path 

#!/bin/bash
set -eu
if [ "$#" -ne 1 ]; then
  echo "Usage: $0 <cert path>"
  echo "Example: $0 \"MyFolder\Subfolder\mycert1\""
  exit
fi
cert_path=$1

shopt -s expand_aliases
alias scurl="curl -s -b cookies.txt -c cookies.txt -H 'Content-type: application/json' -H 'Accept: application/json'"

json=$(cat <<-EOF
  {
    "client_id":"$CLIENT_ID",
    "username":"${USERNAME}",
    "password":"${PASSWORD}",
    "scope":"${SCOPE}"
  }
EOF
)

token=$(scurl -X POST https://$API_HOST/vedauth/authorize/oauth -d "${json}" | jq -r .access_token)

url="https://$API_HOST/vedsdk/Certificates/Retrieve"

    cert_path=$(echo $cert_path | sed 's/\\/\\\\/g')
    cert_prefix="\VED\Policy\Certificates\\"
    cert_prefix=$(echo $cert_prefix | sed 's/\\/\\\\/g')
    cert_dn="${cert_prefix}${cert_path}"

json=$(cat <<-EOF
  {
    "CertificateDN":"${cert_dn}",
    "Format":"Base64",
    "IncludeChain":"true",
    "RootFirstOrder":"true"
  }
EOF
)

rsp=$(scurl -H "Authorization:Bearer ${token}" -d "$json" "$url")
# echo "$rsp"

echo "$rsp" | jq -r .CertificateData | base64 -d
Retrieved from "https://tech.uvoo.io/index.php?title=Venafi_api&oldid=3985"