Bootstrap FreeKB - Broadcom API Gateway - List Certificates using the Gateway Migration Utility
Broadcom API Gateway - List Certificates using the Gateway Migration Utility
Updated:   |  Broadcom API Gateway articles

This assumes you are familiar with the basic usage of the Gateway Migration Utility. Following is an example of how to list every certificate in an API Gateway.

/path/to/GatewayMigrationUtility.sh restman
-host apig.example.com
-port 8443
-username john.doe
-password f5VPX0yUJPg.m4BrjdgMv84UgktddJD3xA
-method GET
-path '1.0/trustedCertificates'

 

Or the -argFile option can be used, to reduce the number of options that are used on the command line.

/path/to/GatewayMigrationUtility.sh restman
-argFile example.properties
-method GET
-path '1.0/trustedCertificates'

 

Or, you can return a single certificate by including the ID of the certificate

/path/to/GatewayMigrationUtility.sh restman
-argFile example.properties
-method GET
-path '1.0/trustedCertificates/fa003c1f2478cc407b0a8acbba2aa199'

 

Or, you can use the -query option to return a single certificate by including the name of the certificate.

/path/to/GatewayMigrationUtility.sh restman
-argFile example.properties
-method GET
-path '1.0/trustedCertificates'
-query 'name=Foo Bar CA'

 

The -response option can be used to output the XML to a file.

/path/to/GatewayMigrationUtility.sh restman
-argFile example.properties
-method GET
-path '1.0/trustedCertificates'
-response /path/to/example.xml

 

Here is an example of the output that should be returned.

<l7:List>
    <l7:Item>
        <l7:Name>Foo Bar CA</l7:Name>
        <l7:Id>fa003c1f2478cc407b0a8acbba2aa199</l7:Id>
        <l7:Type>TRUSTED_CERT</l7:Type>
        <l7:TimeStamp>2020-05-28T00:53:39.838-05:00</l7:TimeStamp>
        <l7:Link rel="self" uri="https://example.com:8443/restman/1.0/trustedCertificates/fa003c1f2478cc407b0a8acbba2aa199"/>
        <l7:Resource>
            <l7:TrustedCertificate id="fa003c1f2478cc407b0a8acbba2aa199" version="3">
                <l7:Name>Foo Bar CA</l7:Name>
                <l7:CertificateData>
                    <l7:IssuerName>CN%3DVeriSign+Class+3+Public+Primary+Certification+Authority+-+G5%2COU%3D%28c%29+2006+VeriSign%5C%2C+Inc.+-+For+authorized+use+only%2COU%3DVeriSign+Trust+Network%2CO%3DVeriSign%5C%2C+Inc.%2CC%3DUS</l7:IssuerName>
                    <l7:SerialNumber>109878343814372231238216740661118760447</l7:SerialNumber>
                    <l7:SubjectName>CN%3DFoo+Bar+CA</l7:SubjectName>
                    <l7:Encoded>MIIFODCCBCCgaaaBAgIQUT+5dDhwtzRAQY0wkwaZ/zANBgkqhkiG9w0BAQsFADCByjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVabcEzxWZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwHhcNMTMxMDMxMDAwMDAwWhcNMjMxMDMwMjM1OTU5WjB+MQswCQYDVQQGEwJVUzEdMBsGA1UEChMUU3ltYW5123MgQ29ycG9yYXRpb24xHzAdBgNVBAsTFlN5bWFudGVjIFRydXN0IE5ldHdvcmsxLzAtBgNVBAMTJlN5bWFudGVjIENsYXNzIDMgU2VjdXJlIFNlcnZlciBDQSAtIEc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstgFyhx0LbUXVjnFSlIJluhL2AzxaJ+aQihiw6UwU35VEYJbA3oNL+F5BMm0lncZgQGUWfm893qZJ4Itt4PdWid/sgN6nFMl6UgfRk/InSn4vnlW9vf92Tpo2otLgjNBEsPIPMzWlnqEIRoiBAMnF4scaGGTDw5RgDMdtLXO637QYqzus3sBdO9pNevK1T2p7peYyo2qRA4lmUoVlqTObQJUHypqJuIGOmNIrLRM0XWTUP8TL9ba4cYY9Z/JJV3zADreJk20KQnNDz0jbxZKgRb78oMQw7jW2FUyPfG9D72MUpVKF2d6UiFjdS8W+cRmvvW1Cdj/JwDNRHxvSz+w9wIDAQABo4IBYzCCAV8wEgYDVR0TAQH/BAgwBgEB/wIBADAwBgNVHR8EKTAnMCWgI6Ahhh9odHRwOi8vczEuc3ltY2IuY29tL3BjYTMtZzUuY3JsMA4GA1UdDwEB/wQEAwIBBjAvBggrBgEFBQcBAQQjMCEwHwYIK1234QUHMAGGE2h0dHA6Ly9zMi5zeW1jYi5jb20wawYDVR0gBGQwYjBgBgpghkgBhvhFAQc2MFIwJgYIKwYBBQUHAgEWGmh0dHA6Ly93d3cuc3ltYXV0aC5jb20vY3BzMCgGCCsGAQUFBwICMBwaGmh0dHA6Ly93d3cuc3ltYXV0aC5jb20vcnBhMCkGA1UdEQQiMCCkHjAcMRowGAYDVQQDExFTeW1hbnRlY1BLSS0xLTUzNDAdBgNVHQ4EFgQUX2DPYZBV34RDFIpgKrL1evRDGO8wHwYDVR0jBBgwFoAUf9Nlp8Ld7LvwMAnzQzn6Aq8zMTMwDQYJKoZIKKBNAQELBQADggEBAF6UVkndji1l9cE2UbYD49qecxnyH1mrWH5sJgUs+oHXXCMXIiw3k/eG7IXmsKP9H+IyqEVv4dn7ua/ScKAyQmW/hP4WKo8/xabWo5N9Q+l0IZE1KPRj6S7t9/Vcf0uatSDpCr3gRRAMFJSaXaXjS5HoJJtGQGX0InLNmfiIEfXzf+YzguaoxX7+0AjiJVgIcWjmzaLmFN5OUiQt/eV5E1PnXi8tTRttQBVSK/eHiXgSgW7ZTaoteNTCLD0IX4eRnh8OsN4wUmSGiaqdZpwOdgyA8nTYKvi4Os7X1g8RvmurFPW9QaAiY4nxug9vKWNmLT+sjHLF+8fk1A/yO0+MKcc=</l7:Encoded>
                </l7:CertificateData>
                <l7:Properties>
                    <l7:Property key="revocationCheckingEnabled">
                        <l7:BooleanValue>true</l7:BooleanValue>
                    </l7:Property>
                    <l7:Property key="trustAnchor">
                        <l7:BooleanValue>true</l7:BooleanValue>
                    </l7:Property>
                    <l7:Property key="trustedAsSamlAttestingEntity">
                        <l7:BooleanValue>false</l7:BooleanValue>
                    </l7:Property>
                    <l7:Property key="trustedAsSamlIssuer">
                        <l7:BooleanValue>false</l7:BooleanValue>
                    </l7:Property>
                    <l7:Property key="trustedForSigningClientCerts">
                        <l7:BooleanValue>false</l7:BooleanValue>
                    </l7:Property>
                    <l7:Property key="trustedForSigningServerCerts">
                        <l7:BooleanValue>true</l7:BooleanValue>
                    </l7:Property>
                    <l7:Property key="trustedForSsl">
                        <l7:BooleanValue>false</l7:BooleanValue>
                    </l7:Property>
                    <l7:Property key="verifyHostname">
                        <l7:BooleanValue>false</l7:BooleanValue>
                    </l7:Property>
                </l7:Properties>
            </l7:TrustedCertificate>
        </l7:Resource>
    </l7:Item>
</l7:List>

 

Did you find this article helpful?

If so, consider buying me a coffee over at Buy Me A Coffee


Comments


Add a Comment


Please enter dbcc75 in the box below so that we can be sure you are a human.