Add support to list certificates
Redfish supports listing the certificates present in the
system, catered for the listing certificates.
Tested:
-------OP930-------
bash-4.2$ python openbmctool.py -H $BMC_IP -U bbbb -P ppppp certificate list
Attempting login...
Not supported
User bbbb has been logged out
-------OP940-------
bash-4.2$ python openbmctool.py -H $BMC_IP -U xxxx -P xxxx certificate --help
usage: openbmctool.py certificate [-h] {update,replace,display,list} ...
optional arguments:
-h, --help show this help message and exit
subcommands:
valid certificate commands
{update,replace,display,list}
sub-command help
update Update the certificate
replace Replace the certificate
display Print the certificate
list Certificate list
bash-4.2$ python openbmctool.py -H $BMC_IP -U xxxx -P xxxx certificate list
--help
usage: openbmctool.py certificate list [-h]
optional arguments:
-h, --help show this help message and exit
bash-4.2$ python openbmctool.py -H $BMC_IP -U xxxx -P xxxx certificate list
Attempting login...
List certificates complete.
{
"@odata.context":
"/redfish/v1/$metadata#CertificateLocations.CertificateLocations",
"@odata.id": "/redfish/v1/CertificateService/CertificateLocations",
"@odata.type": "#CertificateLocations.v1_0_0.CertificateLocations",
"Description": "Defines a resource that an administrator can use in order to
locate all certificates installed on a given service",
"Id": "CertificateLocations",
"Links": {
"Certificates": [
{
"@odata.id":
"/redfish/v1/Managers/bmc/NetworkProtocol/HTTPS/Certificates/1"
},
{
"@odata.id": "/redfish/v1/AccountService/LDAP/Certificates/1"
},
{
"@odata.id": "/redfish/v1/Managers/bmc/Truststore/Certificates/1"
}
],
"Certificates@odata.count": 3
},
"Name": "Certificate Locations"
}
User xxxx has been logged out
Signed-off-by: Marri Devender Rao <devenrao@in.ibm.com>
Change-Id: Ia41370f88bcc170f4d82dc340e6d4a5ea969bd2b
diff --git a/thalerj/openbmctool.py b/thalerj/openbmctool.py
index 225d97e..25456bb 100755
--- a/thalerj/openbmctool.py
+++ b/thalerj/openbmctool.py
@@ -2686,6 +2686,36 @@
print("Display complete.")
return resp.text
+def certificateList(host, args, session):
+ """
+ Called by certificate management function.
+ Example:
+ certificate list
+ @param host: string, the hostname or IP address of the bmc
+ @param args: contains additional arguments used by the certificate
+ list sub command
+ @param session: the active session to use
+ """
+ if not redfishSupportPresent(host, session):
+ return "Not supported";
+
+ httpHeader = {'Content-Type': 'application/octet-stream'}
+ httpHeader.update(xAuthHeader)
+ url = "https://" + host + \
+ "/redfish/v1/CertificateService/CertificateLocations/"
+ try:
+ resp = session.get(url, headers=httpHeader, verify=False)
+ except(requests.exceptions.Timeout):
+ return(connectionErrHandler(args.json, "Timeout", None))
+ except(requests.exceptions.ConnectionError) as err:
+ return connectionErrHandler(args.json, "ConnectionError", err)
+ if resp.status_code != 200:
+ print(resp.text)
+ return "Failed to list certificates"
+ else:
+ print("List certificates complete.")
+ return resp.text
+
def enableLDAP(host, args, session):
"""
Called by the ldap function. Configures LDAP.
@@ -4026,6 +4056,10 @@
help="certificate type to display")
certDisplay.set_defaults(func=certificateDisplay)
+ certList = certMgmt_subproc.add_parser('list',
+ help="Certificate list")
+ certList.set_defaults(func=certificateList)
+
# local users
parser_users = subparsers.add_parser("local_users", help="Work with local users")
parser_users.add_argument('local_users', choices=['disableall','enableall', 'queryenabled'], help="Disable, enable or query local user accounts")