2 Replies Latest reply on Aug 19, 2019 6:16 AM by APJ7033

    Automating "Add Key"

    APJ7033 Novice

      Hi

       

      We use certificate authentication for many of our systems. So for all my REST Hosts I need to add a private key to a keystore . If I manually run the workflow "Add Key" then create a REST Host that uses the private key everything works as expected when I do my REST calls. 

       

      What I am trying to do it automate the "add key" workflow. So I created a customized version of the workflow. The main difference is that I am retrieving the PEM encoded cert and key chain from a Resource Element with a MIME Type of text/string. Now if I create a REST Host using this key my REST calls are not authorized. This leads me to believe something is going wrong when I am adding my key. The only thing that seems different between what I am doing and what the "add key" workflow is doing is in the presentation of the workflow the input for the cert is a multi line.

        • 1. Re: Automating "Add Key"
          qc4vmware Master

          Can you provide a sample of your workflow?

          • 2. Re: Automating "Add Key"
            APJ7033 Novice

            Sending sample code from my environment is a little tricky. I did however manage to work around my issue. Here is a high level  of what I was doing that did not work and what I did to make it work.

             

            1) Search for the top level keystore assign to an attribute (pKeyStore)

            2) Create a child keystore using the above attribute (pKeyStore )and assign that to an attribute (cKeyStore)

            3) Using cKeyStore create a new key for private key1

            4) Using cKeyStore create a new key for private key2

             

            In my instance key2 would never be able to setup a SSL connection. what ended up working for me is as follows 

             

            1) Search for the top level keystore assign to an attribute (pKeyStore)

            2) Create a child keystore using the above attribute (pKeyStore )and assign that to an attribute (cKeyStore1)

            3) Using cKeyStore1 create a new key for private key1

            4) Create a child keystore using the above attribute (pKeyStore )and assign that to an attribute (cKeyStore2)

            5) Using cKeyStore1 create a new key for private key2

             

            it would almost seem as if somehow during the creation of key2 in the first instance I corrupted the key. But the work around works and I am now able to automate my REST Host creation with certificate authentication.