Venafi Sync Certificate¶
Overview¶
You can use the Venafi Sync Certificate API to retrieve all managed or unmanaged certificate files on Big-IP and synchronize there information in the BIG-IQ. This API can find all managed and unmanaged certificates on a BIG-IP, connect to the BIG-IP and get all the certificate files, such as .cert, .key, or .crl etc and sychronize them with the respective certificates in BIG-IQ.
REST Endpoint: /mgmt/cm/adc-core/external-ca/sync¶
Requests¶
POST /mgmt/cm/adc-core/external-ca/sync¶
Send a POST to the endpoint to retrieve all managed and unmanaged certificate files from BIG-IPs and sychronize them in BIG-IQ.
Request Parameters¶
Name | Type | Required | Description |
---|---|---|---|
retrieveAll | boolean | True | To retrieve all certificates, managed or unmanaged, add a key retrieveAll: true. No value or value as false will retrieve only unmanaged certificates. |
<bigip1> | string | True | root password |
<bigip2> | string | True | root password |
Query Parameters¶
None
Response¶
The JSON in the POST’s response can include the following parameters.
HTTP/1.1 200 OK
Name | Type | Required |
---|---|---|
<bigip1> | object | Import status objects of a BIG-IP |
object1 | string | Import status information |
object2 | string | Import status information |
object3 | string | Import status information |
object4 | string | Import status information |
Permissions¶
Role | Allow |
---|---|
admin | Yes |
Certificate Editor/Viewer | Yes |
Examples¶
POST to synchronize all certificates¶
Following is an example of a POST to synchronize all certificates.
POST https://<BIG-IQ>mgmt/cm/adc-core/external-ca/sync
The JSON in the body of the POST request can look similar to the following.
{
"retrieveAll": true,
"<bigip1>": "<root password>",
"<bigip2>": "<root password>"
}
Response¶
HTTP/1.1 200 OK
{
"<bigip1>": {
"<object1>": "<import status>",
"<object2>": "<import status>",
"<object3>": "<import status>",
"<object4>": "<import status>"
},
"<bigip2>": {
"<object1>": "<import status>",
"<object2>": "<import status>",
"<object3>": "<import status>",
"<object4>": "<import status>"
}
}