Bootstrap FreeKB - Venafi (Certificate Management) - Import a certificate in Venafi using REST API
Venafi (Certificate Management) - Import a certificate in Venafi using REST API


Let's say you have a file names foo.example.com.cer that contains a public certificate you would like to import into Venafi. On a Linux system, the cat command can be used to view the certificate data.

IMPORTANT

Importing the certificate imports the certificate into Venafi. Importing the certificate does not install the certificate on the target systems (installations).

cat foo.example.com.cer

 

Something like this should be returned.

-----BEGIN CERTIFICATE-----
MIIDWjCCAkICCQCuM2T5e0HMXzANBgkqhkiG9w0BAQ0FADBvMQswCQYDVQQGEwJV
UzELMAkGA1UECAwCV0kxETAPBgNVBAcMCEFwcGxldG9uMRQwEgYDVQQKDAtleGFt
cGxlLmNvbTEUMBIGA1UECwwLZXhhbXBsZS5jb20xFDASBgNVBAMMC2V4YW1wbGUu
Y29tMB4XDTIxMDYyOTEwMzc0OFoXDTIyMDYyOTEwMzc0OFowbzELMAkGA1UEBhMC
VVMxCzAJBgNVBAgMAldJMREwDwYDVQQHDAhBcHBsZXRvbjEUMBIGA1UECgwLZXhh
bXBsZS5jb20xFDASBgNVBAsMC2V4YW1wbGUuY29tMRQwEgYDVQQDDAtleGFtcGxl
LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMZbxKTN5e8CM9SC
RVQoxXJcJOp2s/sZnnaetJyJ8Rz6PaTW70Gx0PMfoDiEsVdjO5b8fGHeMKsaJLJh
P0gR1FOqJTfcNsNttGowIsuzIDLzpCqmf5Od16XpLVnAe5lXS/+zWiz+gf6rRCVX
0oitx/Qtf6OKCiP+bsq35/G/zAuvNG5VOQSXwpdBd0HqircZHzrNVB92UzfKKV9/
3+3CktJlNmhWT6p0d9O5hUFAxEwHWaQq+0Wvo/eZJuqOPJyehZdGZ0JUO3Q7vWs2
fKJ5OQemqgcjyM3KchI+v6z8eR8Wvwv4/ec41slj8EauGL5pH3AhlxCZhL2OqikJ
PQ05+0UCAwEAATANBgkqhkiG9w0BAQ0FAAOCAQEApeNAvVn7+/KLZGnoknagkWJo
kYtbZ/Mg38GOgScsIVN7Cxc+KfPn/HLrSUL+ERxh4uRWwRat8LcdW8xorZEUGLw1
cGvD1wzFDHo/AfU0jgdvzoVZU2/JhnZqXlkB/3UKv3SQlndIWfKdoFwxNxqw/5p/
jrt5RPuAP+TmBPhU8ME3iSLkWJ2Xs/0QiPULcbyPMMdMLco9LLQK52RayAqzygyy
Ji/uJSQbjYyecpXNbhf4ZDWbqUepEns+FyW+hncrUXf9dpxJo5/deIIwlm8JtAAQ
Y++IyXYTGq464py6kIM4YJBP6mlX16VP0gIXosnczLZHp+iLDvVITHMlNsmkLA==
-----END CERTIFICATE-----

 

The following command formats the certificate data into one line.

cat foo.example.com.cer | grep -v "BEGIN CERTIFICATE" | grep -v "END CERTIFICATE" | sed ':label; N; $! b label; s|\n||g'

 

This assumes you have already obtained a Bearer Token using curl. The following curl command can be used to import the certificate into Venafi. In this example, the certificate data returned by the cat command, in a single line, would be used.

curl 
--request POST
--url https://tpp.example.com/vedsdk/certificates/import
--header "Authorization: Bearer abc123"
--header "Content-Type: application/json"
--data '{ "PolicyDN": "\\VED\\Policy\\foo\\bar", "ObjectName": "foo.example.com", "CertificateData": "<certificate data goes here>" }'

 

Or like this.

curl 
--request POST
--url https://tpp.example.com/vedsdk/certificates/import
--header "Authorization: Bearer abc123"
--header "Content-Type: application/json"
--data @foo.json

 

If the import is successful, something like this should be returned.

{
 "CertificateDN":"\\VED\\Policy\\foo\\bar\\foo.example.com",
 "CertificateVaultId":414624,
 "Guid":"{aad9f295-729d-48bb-b1e2-803536fe770b}"
}

 

On the other hand, if the import fails, something like this should be returned.

{
 "Error":"Certificate object creation failure. The Certificate Data contained null or white spaces for (CertificateData)"
}

 




Did you find this article helpful?

If so, consider buying me a coffee over at Buy Me A Coffee



Comments


Add a Comment


Please enter 8b9caf in the box below so that we can be sure you are a human.