Automated SSL/TLS Cert in CVP

Although¬†CloudVision runs on CentOS 7 and uses nginx as a front end for the services, you can’t just use letsencrypt to issue a cert, as it seems like CV will overwrite it each time. I searched a bit and found a reference of using CV API to import and apply the cert.

After some trial and error I was able to write a simple 3 line curl commands which allow you to import & apply the cert issued by LE (I’m using acme.sh and I all ready issued the cert).

Using cURL

First we login to CVP and get a session cookie which we store in the file cookie

Next, we read the cer & key files which we created with acme.sh, removing the BEGIN & END headers and joining the lines,

and finally we install the cert (via the API),

Now all you need to do is to pull all the above in a script and put in the (acme.sh) renew hook.

Using Ansible

Translating the above into an ansible playbook,

Related Post

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *