Get certificates using API
You can download certificates from the firewall using a GET
API request in a Linux command-line interface or a web browser.
Note
Make sure you've turned on API access and added the IP addresses from which administrators can make API requests. See API configuration.
Get certificate files
To get the certificates, their private keys, and the Entities.xml
file, use one of the following options:
-
Go to a Linux command-line interface and use the following syntax to enter the
GET
request:curl -ko <anyfilename.tar> 'https://<Firewall IP address or FQDN>:<web admin console's port>/webconsole/APIController?reqxml=<Request><Login><Username><admin username></Username><Password><admin password></Password></Login><Get><Certificate/></Get></Request>'
Example
curl -ko test.tar 'https://172.16.16.16:4444/webconsole/APIController?reqxml=<Request><Login><Username>admin</Username><Password>adminxyzpwd</Password></Login><Get><Certificate/></Get></Request>'
The files are downloaded to the
test.tar
file. -
Go to a web browser and use the following syntax to enter the
GET
request in the address bar:https://<Firewall IP address or FQDN>:<web admin console's port>/webconsole/APIController?reqxml=<Request><Login><Username><admin username></Username><Password><admin password></Password></Login><Get><Certificate/></Get></Request>
Example
https://172.16.16.16:4444/webconsole/APIController?reqxml=<Request><Login><Username>admin</Username><Password><adminxyzpwd></Password></Login><Get><Certificate/></Get></Request>
Extract the files
Go to the folder where you saved the .tar
file and use the following command to extract the files:
tar -xvf <filename>.tar