A Windows-native CLI tool for interacting with the GlobalSign Atlas API using PowerShell and mTLS authentication.
This project is the Windows counterpart of the original Bash-based CLI built for Linux environments. It provides the same functionality and structure, adapted to work natively with Windows systems using PowerShell.
This tool allows you to interact with the GlobalSign Atlas API from the command line with a structured, menu-driven interface.
It is designed for:
- Certificate lifecycle management
- Automation of issuance workflows
- Testing and interacting with Atlas endpoints
- Internal tooling and operational use
The implementation focuses on:
- Simplicity
- Readability
- Maintainability
- Full feature parity with the Linux version
-
Official GlobalSign Atlas API Documentation:
https://api.docs.globalsign.com/docs/category/hvca -
Original Linux (Bash) Version:
https://github.com/ChristND242/GlobalSign-Atlas-API-CLI
- mTLS authentication using
.pfxcertificates - Secure API key / secret handling (runtime prompt)
- Full certificate lifecycle operations:
- Issue certificates
- Poll certificate status
- Retrieve certificates
- Retrieve trust chains
- Rekey / reissue certificates
- Structured menu-driven CLI
- JSON request support via external files
- Clean logging and formatted output
- Windows-native implementation (no curl dependency)
The script is structured into logical layers:
Handles:
- Base URL
- Certificate path
- API credentials
- Input/output files
All sensitive inputs are prompted securely at runtime.
Responsible for:
- Login via
/login - Token retrieval and storage
- Bearer token injection into subsequent requests
Implemented using PowerShell native calls:
Invoke-WebRequest- mTLS via
X509Certificate2
Handles:
- Request execution
- Status code capture
- Response body storage
- Header extraction (e.g. Location)
Encapsulates all workflows:
- Submit certificate request
- Extract certificate ID from response
- Poll until certificate is issued
- Save certificate and metadata
- Retrieve trust chain
- Fetch certificate details
- Display status and metadata
- Domain-related operations (if applicable)
- IP-based certificate operations (if applicable)
- Menu-driven navigation
- Input validation
- Structured output formatting
- User-friendly prompts
- Windows 10 / 11
- PowerShell 5.1+ or PowerShell 7+
- Valid GlobalSign Atlas API access
- mTLS certificate in
.pfxformat
This tool uses:
- PFX certificate for mTLS
- API Key / Secret for login
You will be prompted at runtime for:
- API Key
- API Secret
- PFX password
No credentials are stored in the script.
.
├── globalsign_atlas_api_cli.ps1
├── request.json
├── reissue.json
├── output/
└── README.md
Run the script from PowerShell:
.\globalsign_atlas_api_cli.ps1If execution policy blocks it, consult your organization’s policy.
- Launch the CLI
- Configure settings (API URL, certificate, etc.)
- Select "Issuance"
- Submit a certificate request
- Monitor polling until issued
- Retrieve certificate and trust chain
- Do not hardcode credentials in the script
- Always use secure input prompts
- Keep
.pfxfiles protected - Avoid committing sensitive data to version control
This project mirrors the original Bash implementation:
- Same feature set
- Same menu structure
- Same workflows
Key differences:
| Linux Version | Windows Version |
|---|---|
Uses curl |
Uses PowerShell native HTTP |
| PEM + KEY | PFX certificate |
| Bash script | PowerShell script |
This tool was built with a few principles in mind:
- Keep it simple and readable
- Avoid unnecessary abstractions
- Maintain parity across platforms
- Make debugging straightforward
- Keep control in the hands of the operator
- Internal tooling for certificate operations
- API testing and validation
- Automation workflows
- DevOps integration (manual or scripted)
- Learning and exploring Atlas API capabilities
MIT License
This project is open for the community to use, modify, and extend.
Contributions are welcome.
If you plan to:
- Extend functionality
- Improve structure
- Add new API flows
Feel free to open a PR or discussion.
Built to simplify interaction with the GlobalSign Atlas API and bring parity between Linux and Windows environments.