Add Certificate

Scenario Overview

Adds or Update a certificate in the Crosswork. You can add certificates for these roles.

1. External Destination
2. Server Syslog Communication
3. Devices gNMI communication
4. Secure LDAP Communication
5. External Destination Server Auth
6. Application External Destination

Prerequisites

1. Before running this example, ensure to obtain access token. Refer 'Getting Started' section.
2. All certificates that are uploaded must be in Privacy Enhanced Mail (PEM) format.
3. Trust chain files that are uploaded may contain the entire hierarchy (root CA and intermediate certificates) in the same file.
4. Intermediate Keys need to be either PKCS1 or PKCS8 format.
5. A data destination must be configured prior to adding a new certificate for an external destination.

Add Certificate

Run the script _add_cert from the example directory.

cd cnc-tls-api-examples;./add_cert.sh

Script Details

#!/bin/bash
. ./cnc-api-common.sh

add_cert() {
    # assume cnc jwt is obtained prior to invoking this method by executing get-cnc-jwt.sh script
    # read from jwt file and export it as AUTH_TOKEN_HDR
     export_jwt

    # STEP 1 :  User to update input json with details of job to be created in the file CNC_API_INPUT
    # STEP 2 :  trigger add cert API
    # STEP 3 :  store the output in CNC_API_OUTPUT file

    CNC_TLS_API=$CNC_TLS_API_CTX/cert/update
    CNC_API_INPUT="@$PRJ/input/add_cert.json"	 
    CNC_API_OUTPUT="$PRJ/output/add_cert_response.json"
    http_post $CNC_API_URL $CNC_API_INPUT $CNC_API_OUTPUT
    
}
add_cert