Created
March 13, 2020 14:45
-
-
Save petems/46f17923c6e9402ceefa57db0c940f82 to your computer and use it in GitHub Desktop.
Get info for cert from Vault
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$ curl --header "X-Vault-Token: $VAULT_TOKEN" --request LIST http://127.0.0.1:8200/v1/pki/certs | |
{"request_id":"de47662c-784a-86b7-a387-fb7d4997f929","lease_id":"","renewable":false,"lease_duration":0,"data":{"keys":["22-d0-f7-2f-f6-c1-26-ca-2c-7c-fa-d7-63-ac-2b-a9-7d-3a-89-30","6b-0d-c3-94-c9-e1-20-d1-9a-eb-76-66-db-3d-8a-37-23-75-dc-1b"]},"wrap_info":null,"warnings":null,"auth":null} | |
$ curl --header "X-Vault-Token: $VAULT_TOKEN" http://127.0.0.1:8200/v1/pki/cert/22-d0-f7-2f-f6-c1-26-ca-2c-7c-fa-d7-63-ac-2b-a9-7d-3a-89-30 | |
{"request_id":"7eb822aa-4a88-fc32-7cf3-86d4a5b3f0f6","lease_id":"","renewable":false,"lease_duration":0,"data":{"certificate":"-----BEGIN CERTIFICATE-----\nMIIDpjCCAo6gAwIBAgIUItD3L/bBJsosfPrXY6wrqX06iTAwDQYJKoZIhvcNAQEL\nBQAwFjEUMBIGA1UEAxMLZXhhbXBsZS5jb20wHhcNMjAwMzEzMTQzNzMxWhcNMjUw\nMzEyMTQzODAxWjAtMSswKQYDVQQDEyJleGFtcGxlLmNvbSBJbnRlcm1lZGlhdGUg\nQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1veq6qgz\nX8X7efKNQLF7BzTKd5iFm7MypSZTpfd6kunUSKCrLoIPH+oNTUbxXLsGXPxsKvSt\nb4DNoZ/XJkCPjTjNY3m11AWDD3Yg/Ons/KBPlfIwPW/c0tQs3N1t+b83lSWbU98B\nFt/pmfQelsG2lP+N7YqGTYGkShhdgO1BApJizjlO0xOyrlnKqUZrm3ccIII+iHHo\n5CIHnwZoFXTrixuWDumE6nsCI7nQw4LJuuNCkOQfdVvVrcnWXK8fwRpHsZjcX4fL\nv6JpSkVkIfj3zpp47b2zhdwPi8MTthvlHcDwU7+iseHsClGDhJ0FfSOpvnwQ4Wis\nmHlPbCYMCzVXVQIDAQABo4HUMIHRMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E\nBTADAQH/MB0GA1UdDgQWBBQTW6RW6565S3W0gqr8G+KFQADmVjAfBgNVHSMEGDAW\ngBSPUACzYtuTIA5VNhoGitB84NPOVjA7BggrBgEFBQcBAQQvMC0wKwYIKwYBBQUH\nMAKGH2h0dHA6Ly8xMjcuMC4wLjE6ODIwMC92MS9wa2kvY2EwMQYDVR0fBCowKDAm\noCSgIoYgaHR0cDovLzEyNy4wLjAuMTo4MjAwL3YxL3BraS9jcmwwDQYJKoZIhvcN\nAQELBQADggEBAEwrVmDoIkamedgRvLdiyUla+DP6L1FCLlg/G+MhyGqdaDdI9zZm\noEfF7b1BtgKG+G2GrCIyZdmafCkZbRnfn+qQLsPd8rHFrhqCmr8PKJckRMXFWniJ\np5Bd1N9pziVvnctsu9JatGTMzxYvvj14UJri9aMSfCcpDscxKz9sqh+l8QCxC9qJ\nbIjLj4hXgw7ggHGYVjhcqM8ifloGOsTZ1DAvNWEhoVRzw4t2083Ro0g9dS9i08VB\nnrgae+OMIdV+B6Xw14GXXqpIEe4al+vN+6l9hhGPal3W0qKNvAzxue8GRDil2D4b\neQj3+9rzqbUdkaIhZosSX9/iF32FEpCztt0=\n-----END CERTIFICATE-----","revocation_time":0},"wrap_info":null,"warnings":null,"auth":null} | |
$ curl --header "X-Vault-Token: $VAULT_TOKEN" http://127.0.0.1:8200/v1/pki/cert/22-d0-f7-2f-f6-c1-26-ca-2c-7c-fa-d7-63-ac-2b-a9-7d-3a-89-30 | jq | |
% Total % Received % Xferd Average Speed Time Time Time Current | |
Dload Upload Total Spent Left Speed | |
100 1542 100 1542 0 0 1505k 0 --:--:-- --:--:-- --:--:-- 1505k | |
{ | |
"request_id": "22de9e2f-1619-bd84-9d77-d2b463b6c2b0", | |
"lease_id": "", | |
"renewable": false, | |
"lease_duration": 0, | |
"data": { | |
"certificate": "-----BEGIN CERTIFICATE-----\nMIIDpjCCAo6gAwIBAgIUItD3L/bBJsosfPrXY6wrqX06iTAwDQYJKoZIhvcNAQEL\nBQAwFjEUMBIGA1UEAxMLZXhhbXBsZS5jb20wHhcNMjAwMzEzMTQzNzMxWhcNMjUw\nMzEyMTQzODAxWjAtMSswKQYDVQQDEyJleGFtcGxlLmNvbSBJbnRlcm1lZGlhdGUg\nQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1veq6qgz\nX8X7efKNQLF7BzTKd5iFm7MypSZTpfd6kunUSKCrLoIPH+oNTUbxXLsGXPxsKvSt\nb4DNoZ/XJkCPjTjNY3m11AWDD3Yg/Ons/KBPlfIwPW/c0tQs3N1t+b83lSWbU98B\nFt/pmfQelsG2lP+N7YqGTYGkShhdgO1BApJizjlO0xOyrlnKqUZrm3ccIII+iHHo\n5CIHnwZoFXTrixuWDumE6nsCI7nQw4LJuuNCkOQfdVvVrcnWXK8fwRpHsZjcX4fL\nv6JpSkVkIfj3zpp47b2zhdwPi8MTthvlHcDwU7+iseHsClGDhJ0FfSOpvnwQ4Wis\nmHlPbCYMCzVXVQIDAQABo4HUMIHRMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E\nBTADAQH/MB0GA1UdDgQWBBQTW6RW6565S3W0gqr8G+KFQADmVjAfBgNVHSMEGDAW\ngBSPUACzYtuTIA5VNhoGitB84NPOVjA7BggrBgEFBQcBAQQvMC0wKwYIKwYBBQUH\nMAKGH2h0dHA6Ly8xMjcuMC4wLjE6ODIwMC92MS9wa2kvY2EwMQYDVR0fBCowKDAm\noCSgIoYgaHR0cDovLzEyNy4wLjAuMTo4MjAwL3YxL3BraS9jcmwwDQYJKoZIhvcN\nAQELBQADggEBAEwrVmDoIkamedgRvLdiyUla+DP6L1FCLlg/G+MhyGqdaDdI9zZm\noEfF7b1BtgKG+G2GrCIyZdmafCkZbRnfn+qQLsPd8rHFrhqCmr8PKJckRMXFWniJ\np5Bd1N9pziVvnctsu9JatGTMzxYvvj14UJri9aMSfCcpDscxKz9sqh+l8QCxC9qJ\nbIjLj4hXgw7ggHGYVjhcqM8ifloGOsTZ1DAvNWEhoVRzw4t2083Ro0g9dS9i08VB\nnrgae+OMIdV+B6Xw14GXXqpIEe4al+vN+6l9hhGPal3W0qKNvAzxue8GRDil2D4b\neQj3+9rzqbUdkaIhZosSX9/iF32FEpCztt0=\n-----END CERTIFICATE-----", | |
"revocation_time": 0 | |
}, | |
"wrap_info": null, | |
"warnings": null, | |
"auth": null | |
} | |
$ curl --header "X-Vault-Token: $VAULT_TOKEN" http://127.0.0.1:8200/v1/pki/cert/22-d0-f7-2f-f6-c1-26-ca-2c-7c-fa-d7-63-ac-2b-a9-7d-3a-89-30 | jq .data[] | |
% Total % Received % Xferd Average Speed Time Time Time Current | |
Dload Upload Total Spent Left Speed | |
100 1542 100 1542 0 0 1505k 0 --:--:-- --:--:-- --:--:-- 1505k | |
"-----BEGIN CERTIFICATE-----\nMIIDpjCCAo6gAwIBAgIUItD3L/bBJsosfPrXY6wrqX06iTAwDQYJKoZIhvcNAQEL\nBQAwFjEUMBIGA1UEAxMLZXhhbXBsZS5jb20wHhcNMjAwMzEzMTQzNzMxWhcNMjUw\nMzEyMTQzODAxWjAtMSswKQYDVQQDEyJleGFtcGxlLmNvbSBJbnRlcm1lZGlhdGUg\nQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1veq6qgz\nX8X7efKNQLF7BzTKd5iFm7MypSZTpfd6kunUSKCrLoIPH+oNTUbxXLsGXPxsKvSt\nb4DNoZ/XJkCPjTjNY3m11AWDD3Yg/Ons/KBPlfIwPW/c0tQs3N1t+b83lSWbU98B\nFt/pmfQelsG2lP+N7YqGTYGkShhdgO1BApJizjlO0xOyrlnKqUZrm3ccIII+iHHo\n5CIHnwZoFXTrixuWDumE6nsCI7nQw4LJuuNCkOQfdVvVrcnWXK8fwRpHsZjcX4fL\nv6JpSkVkIfj3zpp47b2zhdwPi8MTthvlHcDwU7+iseHsClGDhJ0FfSOpvnwQ4Wis\nmHlPbCYMCzVXVQIDAQABo4HUMIHRMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E\nBTADAQH/MB0GA1UdDgQWBBQTW6RW6565S3W0gqr8G+KFQADmVjAfBgNVHSMEGDAW\ngBSPUACzYtuTIA5VNhoGitB84NPOVjA7BggrBgEFBQcBAQQvMC0wKwYIKwYBBQUH\nMAKGH2h0dHA6Ly8xMjcuMC4wLjE6ODIwMC92MS9wa2kvY2EwMQYDVR0fBCowKDAm\noCSgIoYgaHR0cDovLzEyNy4wLjAuMTo4MjAwL3YxL3BraS9jcmwwDQYJKoZIhvcN\nAQELBQADggEBAEwrVmDoIkamedgRvLdiyUla+DP6L1FCLlg/G+MhyGqdaDdI9zZm\noEfF7b1BtgKG+G2GrCIyZdmafCkZbRnfn+qQLsPd8rHFrhqCmr8PKJckRMXFWniJ\np5Bd1N9pziVvnctsu9JatGTMzxYvvj14UJri9aMSfCcpDscxKz9sqh+l8QCxC9qJ\nbIjLj4hXgw7ggHGYVjhcqM8ifloGOsTZ1DAvNWEhoVRzw4t2083Ro0g9dS9i08VB\nnrgae+OMIdV+B6Xw14GXXqpIEe4al+vN+6l9hhGPal3W0qKNvAzxue8GRDil2D4b\neQj3+9rzqbUdkaIhZosSX9/iF32FEpCztt0=\n-----END CERTIFICATE-----" | |
0 | |
$ curl --header "X-Vault-Token: $VAULT_TOKEN" http://127.0.0.1:8200/v1/pki/cert/22-d0-f7-2f-f6-c1-26-ca-2c-7c-fa-d7-63-ac-2b-a9-7d-3a-89-30 | jq .data[] > foo.pem | |
% Total % Received % Xferd Average Speed Time Time Time Current | |
Dload Upload Total Spent Left Speed | |
100 1542 100 1542 0 0 1505k 0 --:--:-- --:--:-- --:--:-- 1505k | |
petersouter@Peters-MBP ~ $ openssl x509 -in foo.pem -text -noout | |
Certificate: | |
Data: | |
Version: 3 (0x2) | |
Serial Number: | |
22:d0:f7:2f:f6:c1:26:ca:2c:7c:fa:d7:63:ac:2b:a9:7d:3a:89:30 | |
Signature Algorithm: sha256WithRSAEncryption | |
Issuer: CN=example.com | |
Validity | |
Not Before: Mar 13 14:37:31 2020 GMT | |
Not After : Mar 12 14:38:01 2025 GMT | |
Subject: CN=example.com Intermediate Authority | |
Subject Public Key Info: | |
Public Key Algorithm: rsaEncryption | |
Public-Key: (2048 bit) | |
Modulus: | |
00:d6:f7:aa:ea:a8:33:5f:c5:fb:79:f2:8d:40:b1: | |
7b:07:34:ca:77:98:85:9b:b3:32:a5:26:53:a5:f7: | |
7a:92:e9:d4:48:a0:ab:2e:82:0f:1f:ea:0d:4d:46: | |
f1:5c:bb:06:5c:fc:6c:2a:f4:ad:6f:80:cd:a1:9f: | |
d7:26:40:8f:8d:38:cd:63:79:b5:d4:05:83:0f:76: | |
20:fc:e9:ec:fc:a0:4f:95:f2:30:3d:6f:dc:d2:d4: | |
2c:dc:dd:6d:f9:bf:37:95:25:9b:53:df:01:16:df: | |
e9:99:f4:1e:96:c1:b6:94:ff:8d:ed:8a:86:4d:81: | |
a4:4a:18:5d:80:ed:41:02:92:62:ce:39:4e:d3:13: | |
b2:ae:59:ca:a9:46:6b:9b:77:1c:20:82:3e:88:71: | |
e8:e4:22:07:9f:06:68:15:74:eb:8b:1b:96:0e:e9: | |
84:ea:7b:02:23:b9:d0:c3:82:c9:ba:e3:42:90:e4: | |
1f:75:5b:d5:ad:c9:d6:5c:af:1f:c1:1a:47:b1:98: | |
dc:5f:87:cb:bf:a2:69:4a:45:64:21:f8:f7:ce:9a: | |
78:ed:bd:b3:85:dc:0f:8b:c3:13:b6:1b:e5:1d:c0: | |
f0:53:bf:a2:b1:e1:ec:0a:51:83:84:9d:05:7d:23: | |
a9:be:7c:10:e1:68:ac:98:79:4f:6c:26:0c:0b:35: | |
57:55 | |
Exponent: 65537 (0x10001) | |
X509v3 extensions: | |
X509v3 Key Usage: critical | |
Certificate Sign, CRL Sign | |
X509v3 Basic Constraints: critical | |
CA:TRUE | |
X509v3 Subject Key Identifier: | |
13:5B:A4:56:EB:9E:B9:4B:75:B4:82:AA:FC:1B:E2:85:40:00:E6:56 | |
X509v3 Authority Key Identifier: | |
keyid:8F:50:00:B3:62:DB:93:20:0E:55:36:1A:06:8A:D0:7C:E0:D3:CE:56 | |
Authority Information Access: | |
CA Issuers - URI:http://127.0.0.1:8200/v1/pki/ca | |
X509v3 CRL Distribution Points: | |
Full Name: | |
URI:http://127.0.0.1:8200/v1/pki/crl | |
Signature Algorithm: sha256WithRSAEncryption | |
4c:2b:56:60:e8:22:46:a6:79:d8:11:bc:b7:62:c9:49:5a:f8: | |
33:fa:2f:51:42:2e:58:3f:1b:e3:21:c8:6a:9d:68:37:48:f7: | |
36:66:a0:47:c5:ed:bd:41:b6:02:86:f8:6d:86:ac:22:32:65: | |
d9:9a:7c:29:19:6d:19:df:9f:ea:90:2e:c3:dd:f2:b1:c5:ae: | |
1a:82:9a:bf:0f:28:97:24:44:c5:c5:5a:78:89:a7:90:5d:d4: | |
df:69:ce:25:6f:9d:cb:6c:bb:d2:5a:b4:64:cc:cf:16:2f:be: | |
3d:78:50:9a:e2:f5:a3:12:7c:27:29:0e:c7:31:2b:3f:6c:aa: | |
1f:a5:f1:00:b1:0b:da:89:6c:88:cb:8f:88:57:83:0e:e0:80: | |
71:98:56:38:5c:a8:cf:22:7e:5a:06:3a:c4:d9:d4:30:2f:35: | |
61:21:a1:54:73:c3:8b:76:d3:cd:d1:a3:48:3d:75:2f:62:d3: | |
c5:41:9e:b8:1a:7b:e3:8c:21:d5:7e:07:a5:f0:d7:81:97:5e: | |
aa:48:11:ee:1a:97:eb:cd:fb:a9:7d:86:11:8f:6a:5d:d6:d2: | |
a2:8d:bc:0c:f1:b9:ef:06:44:38:a5:d8:3e:1b:79:08:f7:fb: | |
da:f3:a9:b5:1d:91:a2:21:66:8b:12:5f:df:e2:17:7d:85:12: | |
90:b3:b6:dd |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment