:pyhvac.api.secrets_engines.pki.read_ca_certificate
import hvac
client = hvac.Client()
read_ca_certificate_response = client.secrets.pki.read_ca_certificate()
print('Current PKI CA Certificate: {}'.format(read_ca_certificate_response))
:pyhvac.api.secrets_engines.pki.read_ca_certificate_chain
import hvac
client = hvac.Client()
read_ca_certificate_chain_chain_response = self.client.secrets.pki.read_ca_certificate_chain_chain()
print('Current PKI CA Certificate Chain: {}'.format(read_ca_certificate_chain_response))
:pyhvac.api.secrets_engines.pki.read_certificate
import hvac
client = hvac.Client()
read_certificate_response = self.client.secrets.pki.read_certificate(serial='crl')
print('Current PKI CRL: {}'.format(read_certificate_response))
:pyhvac.api.secrets_engines.pki.list_certificates
import hvac
client = hvac.Client()
list_certificate_response = self.client.secrets.pki.list_certificates()
print('Current certificates (serial numbers): {}'.format(list_certificate_response))
:pyhvac.api.secrets_engines.pki.submit_ca_information
import hvac
client = hvac.Client()
submit_ca_information_response = self.client.secrets.pki.submit_ca_information(
'-----BEGIN RSA PRIVATE KEY-----\n...\n-----END CERTIFICATE-----'
)
:pyhvac.api.secrets_engines.pki.read_crl_configuration
import hvac
client = hvac.Client()
read_crl_configuration_response = self.client.secrets.pki.read_crl_configuration()
print('CRL configuration: {}'.format(read_crl_configuration_response))
:pyhvac.api.secrets_engines.pki.set_crl_configuration
import hvac
client = hvac.Client()
set_crl_configuration_response = self.client.secrets.pki.set_crl_configuration(
expiry='72h',
disable=False
)
:pyhvac.api.secrets_engines.pki.read_urls
import hvac
client = hvac.Client()
read_urls_response = self.client.secrets.pki.read_urls()
print('Get PKI urls: {}'.format(read_urls_response))
:pyhvac.api.secrets_engines.pki.set_urls
import hvac
client = hvac.Client()
set_urls_response = self.client.secrets.pki.set_urls(
{
'issuing_certificates': ['http://127.0.0.1:8200/v1/pki/ca'],
'crl_distribution_points': ['http://127.0.0.1:8200/v1/pki/crl']
}
)
:pyhvac.api.secrets_engines.pki.read_crl
import hvac
client = hvac.Client()
read_crl_response = self.client.secrets.pki.read_crl()
print('Current CRL: {}'.format(read_crl_response))
:pyhvac.api.secrets_engines.pki.rotate_crl
import hvac
client = hvac.Client()
rotate_crl_response = self.client.secrets.pki.rotate_crl()
print('Rotate CRL: {}'.format(rotate_crl_response))
:pyhvac.api.secrets_engines.pki.generate_intermediate
import hvac
client = hvac.Client()
generate_intermediate_response = self.client.secrets.pki.generate_intermediate(
type='exported',
common_name='Vault integration tests'
)
print('Intermediate certificate: {}'.format(generate_intermediate_response))
:pyhvac.api.secrets_engines.pki.set_signed_intermediate
import hvac
client = hvac.Client()
set_signed_intermediate_response = self.client.secrets.pki.set_signed_intermediate(
'-----BEGIN CERTIFICATE...'
)
:pyhvac.api.secrets_engines.pki.generate_certificate
import hvac
client = hvac.Client()
generate_certificate_response = self.client.secrets.pki.generate_certificate(
name='myrole',
common_name='test.example.com'
)
print('Certificate: {}'.format(generate_certificate_response))
:pyhvac.api.secrets_engines.pki.revoke_certificate
import hvac
client = hvac.Client()
revoke_certificate_response = self.client.secrets.pki.revoke_certificate(
serial_number='39:dd:2e...'
)
print('Certificate: {}'.format(revoke_certificate_response))
:pyhvac.api.secrets_engines.pki.create_or_update_role
import hvac
client = hvac.Client()
create_or_update_role_response = self.client.secrets.pki.create_or_update_role(
'mynewrole',
{
'ttl': '72h',
'allow_localhost': 'false'
}
)
print('New role: {}'.format(create_or_update_role_response))
:pyhvac.api.secrets_engines.pki.read_role
import hvac
client = hvac.Client()
read_role_response = self.client.secrets.pki.read_role('myrole')
print('Role definition: {}'.format(read_role_response))
:pyhvac.api.secrets_engines.pki.list_roles
import hvac
client = hvac.Client()
list_roles_response = self.client.secrets.pki.list_roles()
print('List of available roles: {}'.format(list_roles_response))
:pyhvac.api.secrets_engines.pki.delete_role
import hvac
client = hvac.Client()
delete_role_response = self.client.secrets.pki.delete_role('role2delete')
:pyhvac.api.secrets_engines.pki.generate_root
import hvac
client = hvac.Client()
generate_root_response = self.client.secrets.pki.generate_root(
type='exported',
common_name='New root CA'
)
print('New root CA': {}'.format(generate_root_response))
:pyhvac.api.secrets_engines.pki.delete_root
import hvac
client = hvac.Client()
delete_root_response = self.client.secrets.pki.delete_root()
:pyhvac.api.secrets_engines.pki.sign_intermediate
import hvac
client = hvac.Client()
sign_intermediate_response = self.client.secrets.pki.sign_intermediate(
csr='....',
common_name='example.com',
)
print('Signed certificate: {}'.format(sign_intermediate_response))
:pyhvac.api.secrets_engines.pki.sign_self_issued
import hvac
client = hvac.Client()
sign_self_issued_response = self.client.secrets.pki.sign_self_issued(
certificate='...'
)
print('Signed certificate: {}'.format(sign_self_issued_response))
:pyhvac.api.secrets_engines.pki.sign_certificate
import hvac
client = hvac.Client()
sign_certificate_response = self.client.secrets.pki.sign_certificate(
name='myrole',
csr='...',
common_name='example.com'
)
print('Signed certificate: {}'.format(sign_certificate_response))
:pyhvac.api.secrets_engines.pki.sign_verbatim
import hvac
client = hvac.Client()
sign_verbatim_response = self.client.secrets.pki.sign_verbatim(
name='myrole',
csr='...'
)
print('Signed certificate: {}'.format(sign_verbatim_response))
:pyhvac.api.secrets_engines.pki.tidy
import hvac
client = hvac.Client()
tidy_response = self.client.secrets.pki.tidy()