unable to get A2A retrievable accounts (from either bash or ps) using a cert user

[sgundlach3]

I have tried these "Get retrievable accounts" commands in order to get the API key of the retrievable accounts and I can t' get either work. I can however pull the API keys from swagger, share with customer so they can do an A2A call to retrieve the passwords.

Can someone help, so cert users can pull the API keys of the retrievable accounts?

Here are the scripts that are NOT working:

---

Powershell

$mysystem=$args[0] $myaccount=$args[1]

$certpass= Get-Content C:\Data\SGCerts\Dup\IgnioORT\certpwd.txt | ConvertTo-SecureString -AsPlainText -Force $myAvailableAccts=Get-SafeguardA2aRetrievableAccount -Insecure -Appliance 150.172.116.3 -CertificateFile "C:\Data\SGCerts\DuP\ignioORT\ignioORT.p12" -Password $certpass $myapikey = $myAvailableAccts | where {(($.assetname -eq $mysystem) -and ($.Accountname -eq $myaccount))} | % APIKey Write-Host "apikey="$myapikey

Get-SafeguardA2aPassword -Insecure -Appliance 150.172.116.13 -CertificateFile "C:\Data\SGCerts\DuP\ignioORT\ignioORT.p12" -Password $certpass -ApiKey $myapikey

---

Safeguard-bash from Ubuntu

cpamops@CPAMNJWSDUP3:~/scripts$ echo | ./get-a2a-retrievable-account.sh -a 150.172.116.3 -c ibmaapi.cert.pem -k ibmaap i.key.pem

Enter pass phrase for ibmaapi.key.pem: [] cpamops@CPAMNJWSDUP3:~/scripts$ echo | ./get-a2a-retrievable-account.sh -a 150.172.116.3 -c ibmaapi.cert.pem -k ibmaapi.key.pem -v3

Enter pass phrase for ibmaapi.key.pem: []

[petrsnd]

We are investigating to determine the cause of the problem you are seeing.

[petrsnd]

@sgundlach3 We have been unable to reproduce your issue on either Powershell or Bash. Are you certain that your A2A registration is set up correctly? Were you able to get this working?

[sgundlach3]

Thanks.

I was not able to get this working—but the workaround to get the info from Swagger and send to the customer seems to work, so you can close the Issue.

Thanks Sherry Gundlach

[Text Description automatically generated]

From: petrsnd @.> Date: Friday, February 17, 2023 at 3:20 PM To: OneIdentity/safeguard-ps @.> Cc: Sherry Gundlach @.>, Mention @.> Subject: Re: [OneIdentity/safeguard-ps] unable to get A2A retrievable accounts (from either bash or ps) using a cert user (Issue #449)

@sgundlach3https://github.com/sgundlach3 We have been unable to reproduce your issue on either Powershell or Bash. Are you certain that your A2A registration is set up correctly? Were you able to get this working?

— Reply to this email directly, view it on GitHubhttps://github.com/OneIdentity/safeguard-ps/issues/449#issuecomment-1435223478, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AZ7E37QXMRTT633AY6BLBLDWX7MRPANCNFSM6AAAAAASSERJ2M. You are receiving this because you were mentioned.Message ID: @.***>

[petrsnd]

@sgundlach3 We were eventually able to reproduce this and identified it as a bug in SPP 7.1 and 7.0.1, where the API key information was mistakenly removed from the API response for certificate users. This issue has been fixed in SPP 7.2 and 7.0.2.

[sgundlach3]

Thanks so much!!

Appreciate your efforts.

Is 7.0.2 now available?

Thanks again Sherry

[Text Description automatically generated]

From: petrsnd @.> Date: Monday, February 27, 2023 at 5:03 PM To: OneIdentity/safeguard-ps @.> Cc: Sherry Gundlach @.>, Mention @.> Subject: Re: [OneIdentity/safeguard-ps] unable to get A2A retrievable accounts (from either bash or ps) using a cert user (Issue #449)

@sgundlach3https://github.com/sgundlach3 We were eventually able to reproduce this and identified it as a bug in SPP 7.1 and 7.0.1, where the API key information was mistakenly removed from the API response for certificate users. This issue has been fixed in SPP 7.2 and 7.0.2.

— Reply to this email directly, view it on GitHubhttps://github.com/OneIdentity/safeguard-ps/issues/449#issuecomment-1447179170, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AZ7E37XOEYJ5DLNWJ3XBOMDWZUQB3ANCNFSM6AAAAAASSERJ2M. You are receiving this because you were mentioned.Message ID: @.***>

[petrsnd]

@sgundlach3 It will be released for general availability very soon. Current target date is tomorrow (3/1). :)