Venafi Sync Certificate¶
Overview¶
You can use the Venafi Sync Certificate API to retrieve all managed or unmanaged certificate files on Big-IP and synchronize there information in the BIG-IQ. This API can find all managed and unmanaged certificates on a BIG-IP, connect to the BIG-IP and get all the certificate files, such as .cert, .key, or .crl etc and sychronize them with the respective certificates in BIG-IQ.
REST Endpoint: /mgmt/cm/adc-core/external-ca/sync¶
Requests¶
POST /mgmt/cm/adc-core/external-ca/sync¶
Send a POST to the endpoint to retrieve all managed and unmanaged certificate files from BIG-IPs and sychronize them in BIG-IQ.
Request Parameters¶
| Name | Type | Required | Description |
|---|---|---|---|
| retrieveAll | boolean | True | To retrieve all certificates, managed or unmanaged, add a key retrieveAll: true. No value or value as false will retrieve only unmanaged certificates. |
| <bigip1> | string | True | root password |
| <bigip2> | string | True | root password |
Query Parameters¶
None
Response¶
The JSON in the POST’s response can include the following parameters.
HTTP/1.1 200 OK
| Name | Type | Required |
|---|---|---|
| <bigip1> | object | Import status objects of a BIG-IP |
| object1 | string | Import status information |
| object2 | string | Import status information |
| object3 | string | Import status information |
| object4 | string | Import status information |
Permissions¶
| Role | Allow |
|---|---|
| admin | Yes |
| Certificate Editor/Viewer | Yes |
Examples¶
POST to synchronize all certificates¶
Following is an example of a POST to synchronize all certificates.
POST https://<BIG-IQ>mgmt/cm/adc-core/external-ca/sync
The JSON in the body of the POST request can look similar to the following.
{
"retrieveAll": true,
"<bigip1>": "<root password>",
"<bigip2>": "<root password>"
}
Response¶
HTTP/1.1 200 OK
{
"<bigip1>": {
"<object1>": "<import status>",
"<object2>": "<import status>",
"<object3>": "<import status>",
"<object4>": "<import status>"
},
"<bigip2>": {
"<object1>": "<import status>",
"<object2>": "<import status>",
"<object3>": "<import status>",
"<object4>": "<import status>"
}
}