
PKI

Read CA Certificate

:pyhvac.api.secrets_engines.pki.read_ca_certificate

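# Read the PKI secrets engine's current CA certificate and print it.
import hvac

# Client() is built with library defaults here; a real deployment would point
# it at a TLS-protected Vault address and authenticate before calling the API.
client = hvac.Client()

# The call sits at top level so the snippet runs as one script (the stray
# indent in the original listing raises IndentationError).
read_ca_certificate_response = client.secrets.pki.read_ca_certificate()
print('Current PKI CA Certificate: {}'.format(read_ca_certificate_response))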

Read CA Certificate Chain

:pyhvac.api.secrets_engines.pki.read_ca_certificate_chain

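# Read the PKI secrets engine's CA certificate chain and print it.
import hvac

client = hvac.Client()

# Uses the `client` created above (no `self` exists in a standalone snippet),
# the read_ca_certificate_chain method this section documents, and one
# consistent variable name for the assignment and the print.
read_ca_certificate_chain_response = client.secrets.pki.read_ca_certificate_chain()
print('Current PKI CA Certificate Chain: {}'.format(read_ca_certificate_chain_response))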

Read Certificate

:pyhvac.api.secrets_engines.pki.read_certificate

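# Read an entry from the PKI secrets engine by serial; 'crl' is passed here
# and the result is printed as the current CRL.
import hvac

client = hvac.Client()

# Uses the `client` created above; `self` is not defined in this snippet.
read_certificate_response = client.secrets.pki.read_certificate(serial='crl')
print('Current PKI CRL: {}'.format(read_certificate_response))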

List Certificates

:pyhvac.api.secrets_engines.pki.list_certificates

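# List the certificates known to the PKI secrets engine (by serial number).
import hvac

client = hvac.Client()

# Uses the `client` created above; `self` is not defined in this snippet.
list_certificate_response = client.secrets.pki.list_certificates()
print('Current certificates (serial numbers): {}'.format(list_certificate_response))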

Submit CA Information

:pyhvac.api.secrets_engines.pki.submit_ca_information

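# Submit CA information (a PEM bundle) to the PKI secrets engine.
import hvac

client = hvac.Client()

# The bundle shown is a placeholder. A real bundle carries the CA private key,
# so load it from a protected source at runtime rather than embedding it in
# code or committing it to version control.
# Uses the `client` created above; `self` is not defined in this snippet.
submit_ca_information_response = client.secrets.pki.submit_ca_information(
    '-----BEGIN RSA PRIVATE KEY-----\n...\n-----END CERTIFICATE-----'
)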

Read CRL Configuration

:pyhvac.api.secrets_engines.pki.read_crl_configuration

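# Read the CRL configuration of the PKI secrets engine and print it.
import hvac

client = hvac.Client()

# Uses the `client` created above; `self` is not defined in this snippet.
read_crl_configuration_response = client.secrets.pki.read_crl_configuration()
print('CRL configuration: {}'.format(read_crl_configuration_response))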

Set CRL Configuration

:pyhvac.api.secrets_engines.pki.set_crl_configuration

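# Set the CRL configuration of the PKI secrets engine.
import hvac

client = hvac.Client()

# expiry is the CRL validity period; disable=False leaves CRL generation on,
# which relying parties need in order to see revocations.
# Uses the `client` created above; `self` is not defined in this snippet.
set_crl_configuration_response = client.secrets.pki.set_crl_configuration(
    expiry='72h',
    disable=False
)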

Read URLs

:pyhvac.api.secrets_engines.pki.read_urls

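# Read the URLs configured on the PKI secrets engine and print them.
import hvac

client = hvac.Client()

# Uses the `client` created above; `self` is not defined in this snippet.
read_urls_response = client.secrets.pki.read_urls()
print('Get PKI urls: {}'.format(read_urls_response))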

Set URLs

:pyhvac.api.secrets_engines.pki.set_urls

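# Set the issuing-certificate and CRL distribution URLs of the PKI engine.
import hvac

client = hvac.Client()

# 127.0.0.1 is a local-test value. These URLs are written into issued
# certificates, so in a real deployment they must be addresses that relying
# parties can actually reach to fetch the CA certificate and the CRL.
# Uses the `client` created above; `self` is not defined in this snippet.
set_urls_response = client.secrets.pki.set_urls(
    {
        'issuing_certificates': ['http://127.0.0.1:8200/v1/pki/ca'],
        'crl_distribution_points': ['http://127.0.0.1:8200/v1/pki/crl']
    }
)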

Read CRL

:pyhvac.api.secrets_engines.pki.read_crl

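# Read the current CRL from the PKI secrets engine and print it.
import hvac

client = hvac.Client()

# Uses the `client` created above; `self` is not defined in this snippet.
read_crl_response = client.secrets.pki.read_crl()
print('Current CRL: {}'.format(read_crl_response))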

Rotate CRLs

:pyhvac.api.secrets_engines.pki.rotate_crl

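# Ask the PKI secrets engine to rotate its CRL and print the response.
import hvac

client = hvac.Client()

# Uses the `client` created above; `self` is not defined in this snippet.
rotate_crl_response = client.secrets.pki.rotate_crl()
print('Rotate CRL: {}'.format(rotate_crl_response))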

Generate Intermediate

:pyhvac.api.secrets_engines.pki.generate_intermediate

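# Generate an intermediate CA key and CSR in the PKI secrets engine.
import hvac

client = hvac.Client()

# NOTE(review): with type='exported' Vault returns the generated private key
# in the response, so the print below writes key material to stdout. Outside
# a throwaway test, store the key securely (or use a non-exported type) and
# do not log the full response.
# Uses the `client` created above; `self` is not defined in this snippet.
generate_intermediate_response = client.secrets.pki.generate_intermediate(
    type='exported',
    common_name='Vault integration tests'
)
print('Intermediate certificate: {}'.format(generate_intermediate_response))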

Set Signed Intermediate

:pyhvac.api.secrets_engines.pki.set_signed_intermediate

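# Install a signed intermediate certificate into the PKI secrets engine.
import hvac

client = hvac.Client()

# The argument is a placeholder for the PEM certificate returned by the
# signing CA.
# Uses the `client` created above; `self` is not defined in this snippet.
set_signed_intermediate_response = client.secrets.pki.set_signed_intermediate(
    '-----BEGIN CERTIFICATE...'
)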

Generate Certificate

:pyhvac.api.secrets_engines.pki.generate_certificate

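# Issue a certificate for test.example.com under the role 'myrole'.
import hvac

client = hvac.Client()

# NOTE(review): the issue response carries the new certificate's private key
# alongside the certificate, so the print below exposes it on stdout. In real
# use, hand the key to its consumer and keep it out of logs.
# Uses the `client` created above; `self` is not defined in this snippet.
generate_certificate_response = client.secrets.pki.generate_certificate(
    name='myrole',
    common_name='test.example.com'
)
print('Certificate: {}'.format(generate_certificate_response))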

Revoke Certificate

:pyhvac.api.secrets_engines.pki.revoke_certificate

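# Revoke a certificate by serial number and print the response.
import hvac

client = hvac.Client()

# The serial number is a truncated placeholder; pass the full serial of the
# certificate to revoke.
# Uses the `client` created above; `self` is not defined in this snippet.
revoke_certificate_response = client.secrets.pki.revoke_certificate(
    serial_number='39:dd:2e...'
)
print('Certificate: {}'.format(revoke_certificate_response))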

Create/Update Role

:pyhvac.api.secrets_engines.pki.create_or_update_role

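# Create or update the PKI role 'mynewrole' and print the response.
import hvac

client = hvac.Client()

# This example sets only a TTL and disallows localhost. Which names the role
# may issue for is governed by further role parameters not shown here, so
# review them before using a role like this outside a test.
# Uses the `client` created above; `self` is not defined in this snippet.
create_or_update_role_response = client.secrets.pki.create_or_update_role(
    'mynewrole',
    {
        'ttl': '72h',
        'allow_localhost': 'false'
    }
)
print('New role: {}'.format(create_or_update_role_response))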

Read Role

:pyhvac.api.secrets_engines.pki.read_role

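# Read the definition of the PKI role 'myrole' and print it.
import hvac

client = hvac.Client()

# Uses the `client` created above; `self` is not defined in this snippet.
read_role_response = client.secrets.pki.read_role('myrole')
print('Role definition: {}'.format(read_role_response))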

List Roles

:pyhvac.api.secrets_engines.pki.list_roles

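# List the roles defined on the PKI secrets engine and print them.
import hvac

client = hvac.Client()

# Uses the `client` created above; `self` is not defined in this snippet.
list_roles_response = client.secrets.pki.list_roles()
print('List of available roles: {}'.format(list_roles_response))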

Delete Role

:pyhvac.api.secrets_engines.pki.delete_role

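# Delete the PKI role 'role2delete'.
import hvac

client = hvac.Client()

# Uses the `client` created above; `self` is not defined in this snippet.
delete_role_response = client.secrets.pki.delete_role('role2delete')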

Generate Root

:pyhvac.api.secrets_engines.pki.generate_root

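# Generate a new root CA in the PKI secrets engine and print the response.
import hvac

client = hvac.Client()

# NOTE(review): with type='exported' Vault returns the root CA private key in
# the response, so the print below writes it to stdout. Outside a throwaway
# test, prefer a non-exported type or store the key securely, and never log
# the full response.
# Uses the `client` created above; `self` is not defined in this snippet.
generate_root_response = client.secrets.pki.generate_root(
    type='exported',
    common_name='New root CA'
)
# The stray quote after 'New root CA' in the original made this line a
# SyntaxError; the label and placeholder now sit in one string literal.
print('New root CA: {}'.format(generate_root_response))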

Delete Root

:pyhvac.api.secrets_engines.pki.delete_root

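# Delete the current root CA key from the PKI secrets engine.
import hvac

client = hvac.Client()

# Destructive: once the CA key is removed the mount cannot sign or issue
# until a new CA is generated or uploaded. Access to this call should be
# tightly restricted by policy.
# Uses the `client` created above; `self` is not defined in this snippet.
delete_root_response = client.secrets.pki.delete_root()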

Sign Intermediate

:pyhvac.api.secrets_engines.pki.sign_intermediate

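# Sign an intermediate CA's CSR with this PKI mount's CA and print the result.
import hvac

client = hvac.Client()

# The csr value is a placeholder for the PEM-encoded CSR. The call produces a
# CA certificate, so access to it should be limited to CA administrators.
# Uses the `client` created above; `self` is not defined in this snippet.
sign_intermediate_response = client.secrets.pki.sign_intermediate(
    csr='....',
    common_name='example.com',
)
print('Signed certificate: {}'.format(sign_intermediate_response))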

Sign Self-Issued

:pyhvac.api.secrets_engines.pki.sign_self_issued

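# Sign a self-issued certificate with this PKI mount's CA and print the result.
import hvac

client = hvac.Client()

# NOTE(review): Vault's documentation describes this as a very privileged
# operation; grant access to it through policy only where strictly needed.
# The certificate value is a placeholder for the PEM certificate.
# Uses the `client` created above; `self` is not defined in this snippet.
sign_self_issued_response = client.secrets.pki.sign_self_issued(
    certificate='...'
)
print('Signed certificate: {}'.format(sign_self_issued_response))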

Sign Certificate

:pyhvac.api.secrets_engines.pki.sign_certificate

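# Sign a CSR under the role 'myrole' and print the signed certificate.
import hvac

client = hvac.Client()

# The csr value is a placeholder for the PEM-encoded CSR. The private key
# stays with whoever created the CSR, so none is returned by this call.
# Uses the `client` created above; `self` is not defined in this snippet.
sign_certificate_response = client.secrets.pki.sign_certificate(
    name='myrole',
    csr='...',
    common_name='example.com'
)
print('Signed certificate: {}'.format(sign_certificate_response))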

Sign Verbatim

:pyhvac.api.secrets_engines.pki.sign_verbatim

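# Sign a CSR verbatim and print the signed certificate.
import hvac

client = hvac.Client()

# NOTE(review): verbatim signing takes the subject and names from the CSR as
# submitted instead of checking them against the role's name constraints.
# Confirm against the Vault docs for your version, and keep this endpoint
# restricted by policy to trusted callers.
# Uses the `client` created above; `self` is not defined in this snippet.
sign_verbatim_response = client.secrets.pki.sign_verbatim(
    name='myrole',
    csr='...'
)
print('Signed certificate: {}'.format(sign_verbatim_response))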

Tidy

:pyhvac.api.secrets_engines.pki.tidy

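# Trigger a tidy operation on the PKI secrets engine.
import hvac

client = hvac.Client()

# No options are passed, so the engine's defaults decide what gets cleaned
# up - check them against the Vault docs for your version.
# Uses the `client` created above; `self` is not defined in this snippet.
tidy_response = client.secrets.pki.tidy()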