Layer7 API Management

  • Private Community

  • 1.  Anyone tried to export/import secure passords using restman?

    Posted May 16, 2018 02:36 PM

    I am trying to export all secure passwords from 9.2 cluster to a brand new 9.3v cluster.



  • 2.  Re: Anyone tried to export/import secure passords using restman?
    Best Answer

    Broadcom Employee
    Posted Jun 22, 2018 12:14 PM

    Good morning,

     

    Stored password can only be exported out when the encryptSecrets option is available which is mainly for the bundle option. Review the online documentation for restman: https://<gateway FQDN>:8443/restman/1.0/doc/restDoc.html 

     

    Sincerely,

     

    Stephen Hughes

    Director, CA Support



  • 3.  Re: Anyone tried to export/import secure passords using restman?

    Broadcom Employee
    Posted Oct 16, 2018 11:53 AM

    I tried the same using gmu restman from the command line tool on Gateway 9.2 with GMU1.4, it throws error as shown:

     

    1. Listing the Secure Password from the current gateway to get the id:

     

    gmu list -z config/dev.properties -t SECURE_PASSWORD
    Warning: TLS server certificate check has been disabled
    Running......................
    2b19ae186b0caef1ffb2352e11594e22 Siteminder

     

    2. Now trying to run a restman GET call to export the password.

    gmu restman -z config/dev.properties -m GET --path 1.0/bundle?password=2b19ae186b0caef1ffb2352e11594e22&encryptSecrets=true --header L7-key-passphrase:7layer
    Warning: TLS server certificate check has been disabled
    Running..............
    Status: 404 Not Found
    Server: Apache-Coyote/1.1
    Content-Length: 381
    Date: Tue, 16 Oct 2018 15:36:54 GMT
    <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
    <l7:Error xmlns:l7="http://ns.l7tech.com/2010/04/gateway-management">
    <l7:Type>NotFound</l7:Type>
    <l7:TimeStamp>2018-10-16T11:36:54.773-04:00</l7:TimeStamp>
    <l7:Link rel="self" uri="https://axxxxxxxxxxxxxxxxxxx.com:8443/restman/1.0/bundle%3Fpassword"/>
    <l7:Detail>HTTP 404 Not Found</l7:Detail>
    </l7:Error>

    'encryptSecrets' is not recognized as an internal or external command,
    operable program or batch file.

     

     

    However, when I try executing the same via POSTMAN it worked fine.  

     

     

     

    Is this a bug in commandline GMU Tool that fails to execute the above restman command?  

     

    Please advise? If not, then please let me know the correct GMU restman command to export the secure password bundle.



  • 4.  Re: Anyone tried to export/import secure passords using restman?

    Posted Oct 16, 2018 04:51 PM

    Muthu,

     

    The error is a 404 not found, meaning it could not find the path you specified. From looking at your command, I believe you forgot to include /restman/ in the path.

     

    In other words, I think your path may need to read as follows in the command: 

    GET --path restman/1.0/bundle?password=2b19ae186b0caef1ffb2352e11594e22&encryptSecrets=true


  • 5.  Re: Anyone tried to export/import secure passords using restman?

    Broadcom Employee
    Posted Oct 16, 2018 06:20 PM

    Dustin,

     

    Thanks a lot for your response.  Nope, GMU RESTMAN command includes restman in the path automatically as you can see from the output from the above commands itself. Here's the snippet of the same.

     

    <l7:Link rel="self" uri="https://axxxxxxxxxxxxxxxxxxx.com:8443/restman/1.0/bundle%3Fpassword"/>

     

    If I include restman in the path, it adds restman twice in the path as you can see from the below commands output:

     

     

    I definitely feel something is wrong/bug when this command is executed from gmu restman.

     

    Appreciate if you can find out more details on this command to see whether it really works.