search

Layer7-Community / graphman-client

This repository contains a Postman collection, a Node.js CLI application, sample queries for the CLI, and GraphQL schemas for the Graphman API.
Other
7 stars 5 forks source link

enhancement explode / implode : Adding User certs and fip certs to options.level == 1 pem creation. #45

Closed muemi03 closed 2 months ago

muemi03 commented 5 months ago

Suggestion for explode / implode enhancement.

explode : Adding User and fips certs to options.level == 1 pem creation. implode : handling User and fips pem files on implode

Not all certificate data is available in the cert related json properties. Hence, in our scenario, we are using the pem files to find certs that will expire in some time with the help of openssl. To not miss any cert in use (maintained by the gateway) , we have added the internalUser certs and federatedUsers certs (aka. fipUsers) to get pem cert files created on options.level >= 1 I also added to extract the fips.certificateReferences to create the related pem files. There is no need to handle federatedIdp.trustedCerts, as those do not contain the certBase64 property anymore.

Once exploded, we can then simply use a find <exploded_dir> -name "*.pem" to find all certs and then openssl to gather all necessary info. openssl can also be used to gather all necessary data to create a new CSR.

muemi03 commented 2 months ago

Sine client version 1.3.00 this enhancement is included in the ootb code. federatedUsers and internalUsers certs gets separated into pem files when exploding with --option.level 1 Thanks a million ! Closing this request