salt.runners.venafiapi

Support for Venafi

depends:
  • vcert Python module

configuration:

In order to connect to Venafi services you need to specify it in Salt master configuration. Example for Venafi Cloud (using env variables):


venafi:

api_key: "sdb://osenv/CLOUDAPIKEY"

Example for Venafi Platform (using env variables):


venafi:

base_url: "https://tpp.example.com/" tpp_user: admin tpp_password: "sdb://osenv/TPP_PASSWORD" trust_bundle: "/opt/venafi/bundle.pem"

salt.runners.venafiapi.del_cached_domain(domains)

Delete cached domains from the master

CLI Example:

salt-run venafi.del_cached_domain domain1.example.com,domain2.example.com
salt.runners.venafiapi.list_domain_cache()

List domains that have been cached

CLI Example:

salt-run venafi.list_domain_cache
salt.runners.venafiapi.renew(minion_id, dns_name=None, zone=None, country=None, state=None, loc=None, org=None, org_unit=None, key_password=None, csr_path=None, pkey_path=None)

Request a new certificate

CLI Example:

salt-run venafi.request <minion_id> <dns_name>
salt.runners.venafiapi.request(minion_id, dns_name=None, zone=None, country=None, state=None, loc=None, org=None, org_unit=None, key_password=None, csr_path=None, pkey_path=None)

Request a new certificate

CLI Example:

salt-run venafi.request <minion_id> <dns_name>
salt.runners.venafiapi.show_cert(dns_name)

Show issued certificate for domain

CLI Example:

salt-run venafi.show_cert example.com