Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1019
Views
0
Helpful
3
Replies

Use AXL API to view the contents of the CUCM certificate stores

Smacri
Level 1
Level 1

‎03-31-2022 04:00 PM

Hello,

 

The certificate manager alerting is not working on the CUCM, and we were looking at how to get the contents of all the certificates the CUCM uses (Own_Certs, Trust_Certs) so that we can monitor each of them. I have tried to use paramiko and python but the 'More' button has me stumped not to mention parsing it afterwards. Is there a way I can get this data using the AXL API? Brand new to AXL api world as an FYI  just using postman to test. 

 

--Example= Tomcat cert

Labels:
0 Helpful
3 Replies 3

Antonio Oliveira
Level 1
Level 1

‎04-03-2022 11:01 AM - edited ‎04-03-2022 11:03 AM

Hi, 

 

You can try AXL CUCM schemes, https://developer.cisco.com/docs/axl-schema-reference/, there are some certificates' elements but not sure if that's what you looking for.

0 Helpful

Smacri
Level 1
Level 1
In response to Antonio Oliveira

‎04-04-2022 10:25 AM

Hi Antonio,

 

Thanks for the response.

 

Using the wsdl, SOAPUI , and the <xsd:element name="getTvsCertificate" type="axlapi:GetTvsCertificate"/> I was able to get the UUID and display the results of the certificates. However, it doesn't include the Certificate Expiration which is the information required to monitor the status of the cert. We cant seem to find any element that provides this information. Any thoughts or ideas on how we can programmatically get each certificate and their expiration.

 

OUTPUT

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Body>
<ns:getTvsCertificateResponse xmlns:ns="http://www.cisco.com/AXL/API/12.5">
<return>
<tvsCertificate uuid="{0******-****-87FC-***9-6B1CF*****}">
<subjectName>L=*******,ST=****,CN=C**-ae*******,OU=********,O=**********,C=US</subjectName>
<issuerName>L=*******,ST=******,CN=C***-****,OU=*********,O=*****,C=US</issuerName>
<serialNumber>525**************</serialNumber>
<timeToLive/>
<ipv4Address>1**.**.*4.***</ipv4Address>
<ipv6Address/>
<roles/>
<services>
<service uuid="{*********}">
<serviceName>CAPF-trust</serviceName>
</service>
<service uuid="{*******-***-****-***********">
<serviceName>CallManager-trust</serviceName>
</service>
</services>
</tvsCertificate>
</return>
</ns:getTvsCertificateResponse>
</soapenv:Body>
</soapenv:Envelope>

0 Helpful

alan.giadosh1
Level 1
Level 1
In response to Smacri

‎09-22-2022 05:55 AM

I am trying to use this in my lab 

https://developer.cisco.com/docs/certificate-management/#!introduction

 

0 Helpful
Customers Also Viewed These Support Documents