Page MenuHomeVyOS Platform

HTTPS API ability to import PKI certificates
In progress, NormalPublicFEATURE REQUEST


HTTPS API ability to import PKI certificates x.x.x.x/import

vyos@r4:~$ import pki 
Possible completions:
  ca                    Import CA certificate into PKI
  certificate           Import certificate into PKI
  crl                   Import certificate revocation list into PKI
  dh                    Import DH parameters into PKI
  key-pair              Import key pair into PKI
  openvpn               Import OpenVPN keys into PKI

We have a limitation: we can't import certs without entering configuration mode and committing.

vyos@r4:~$ import pki ca myca file /config/auth/ca_ansible.crt
You are not in configure mode, commands to install manually from configure mode:
set pki ca myca certificate 'MXXXxxx=='


Difficulty level
Unknown (require assessment)
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)
Issue type
Feature (new functionality)

Event Timeline

Obviously, it does not work.

vyos@r4:~$ curl -k --location --request POST '' \
  --form data='{"op": "import-pki", "path": ["pki", "ca", "myca", "file", "/config/auth/ca_ansible.crt"]}' \
  --form key='foo'

{"success": true, "data": "1 value(s) installed. Use \"compare\" to see the pending changes, and \"commit\" to apply.\n", "error": null}
Viacheslav triaged this task as Normal priority.Jan 20 2024, 1:52 PM
natali-rs1985 changed the task status from Open to In progress.Feb 19 2024, 8:57 AM
natali-rs1985 claimed this task.