Hello,

I’m currently working on a project where I need to manage SSL/TLS certificates generated via AWS Certificate Manager (ACM) and deploy them to the Imperva portal to secure a website. So far, I have successfully:

  1. Generated a certificate on AWS ACM.
  2. Manually imported this certificate into Imperva via the UI.

However, I am now looking to automate the entire process, including:

  • Monitoring certificate expiration on AWS.
  • Downloading the renewed certificate from AWS.
  • Automatically importing the renewed certificate into Imperva.

What I’ve Tried:

1. Manual Process: I created a step-by-step guide for handling this manually, but I want to avoid human intervention.

2. Imperva API: I found that Imperva provides an API endpoint (/customCertificate) for uploading custom certificates. I’ve started writing a Python script for this purpose. Here’s an example in Python:

import requests

# Configuration
api_url = "/{extSiteId}/customCertificate"
api_key = "your_api_key"  # Replace with your Imperva API key
extSiteId = "your_extSiteId"  # Replace with your site's external ID

# Load certificate files
with open("certificate.crt", "r") as cert_file:
    certificate = cert_file.read()

with open("intermediate.crt", "r") as interm_file:
    intermediate = interm_file.read()

with open("private.key", "r") as key_file:
    private_key = key_file.read()

# Request payload
data = {
    "certificate": certificate,
    "intermediate": intermediate,
    "privateKey": private_key
}

# Headers
headers = {
    "Authorization": f"Bearer {api_key}",
    "Content-Type": "application/json"
}

# Send the request
response = requests.post(api_url.format(extSiteId=extSiteId), json=data, headers=headers)

# Check the response
if response.status_code == 200:
    print("Certificate successfully uploaded to Imperva.")
else:
    print(f"Error: {response.status_code} - {response.text}")

3. AWS Certificate Manager (ACM): I know AWS can automate certificate renewal internally, but I’m unsure of the best way to extract renewed certificates and push them to Imperva.

Questions:

  1. Is there a standard or best-practice approach for automating this entire workflow (generation, renewal, import)?
  2. Are there specific tools or frameworks for integrating with Imperva using their APIs?
  3. How do other developers handle automating certificate management between AWS and Imperva?
  4. Are there any examples of scripts or CI/CD pipelines that can achieve this?

I’m open to any suggestions or solutions to simplify and automate this process.

Thanks in advance for your help!
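
An added example, not part of the original post: one way to implement the "monitor expiration and detect renewal" step as a decision function over the `Certificate` dict returned by ACM's DescribeCertificate (boto3 `describe_certificate`). The 30-day threshold, the stored `deployed_serial` value, and the sample certificates are assumptions made for illustration.

```python
from datetime import datetime, timedelta, timezone

WARN_DAYS = 30  # assumed alert threshold, not taken from the post


def plan_action(cert, deployed_serial, now, warn_days=WARN_DAYS):
    """Decide what the sync job should do for one certificate.

    cert            -- the "Certificate" dict from ACM DescribeCertificate
    deployed_serial -- serial last pushed to the WAF (None if never pushed)
    Returns (action, reason); action is "upload", "alert" or "noop".
    """
    status = cert.get("Status")
    if status != "ISSUED":
        return "alert", f"certificate status is {status}"

    remaining = cert["NotAfter"] - now
    if remaining <= timedelta(0):
        return "alert", "certificate already expired"

    # A renewal reissues the certificate, so the serial number changes.
    if cert["Serial"] != deployed_serial:
        return "upload", f"new serial, {remaining.days} days of validity"

    # Same serial as deployed: nothing to push, but check renewal health.
    renewal = cert.get("RenewalSummary", {}).get("RenewalStatus")
    if renewal == "FAILED":
        return "alert", "ACM renewal failed"
    if remaining <= timedelta(days=warn_days):
        return "alert", f"not renewed, {remaining.days} days left"
    return "noop", "deployed certificate is current"


# Constructed sample data, not real certificates.
NOW = datetime(2025, 1, 10, tzinfo=timezone.utc)
OLD = {"Serial": "0a:1b", "Status": "ISSUED",
       "NotAfter": NOW + timedelta(days=20),
       "RenewalSummary": {"RenewalStatus": "PENDING_VALIDATION"}}
RENEWED = {"Serial": "7f:3c", "Status": "ISSUED",
           "NotAfter": NOW + timedelta(days=395)}

if __name__ == "__main__":
    for label, cert in (("stalled renewal", OLD), ("renewed", RENEWED)):
        print(label, plan_action(cert, "0a:1b", NOW))
```

Keeping the decision separate from the AWS and Imperva calls lets the job alert on a stalled renewal before expiry instead of only reacting after a new certificate appears.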

Article tags: python, Automating SSL/TLS Certificate Renewal from AWS to Imperva via Script/API, Stack Overflow