Comments
-
Hi @hbonath, There are a couple of options. You can send {"override": True} in your POST to /auth. This will log you in with config mode. You can extract the message to identify if you were logged in with config mode or non-config mode and send a POST to /config-mode to switch to config mode. HTH. Jaime
-
Hello @G_Hosa_Phat, You didn't overlook this endpoint. The root cause has been reported to Engineering. The 6.5.4.8 API documentation link is redirecting to the SonicOS 7.0.1 API documentation so we were looking at the wrong information. The link I provided in my previous post correctly loads the Gen6 API documentation.
-
Hi @G_Hosa_Phat, The endpoint we've been working with is available on Gen7 only. On Gen6, I got it to work by sending a PUT to /certificates/export/signing-request/name/<NAME>/ftp/<FTPURL>. The same could be done with SCP. Take a look at the link at the bottom of this post. Working example:…
-
Happy to help! Welcome to the SonicWall Community! 🎉
-
I just tested this on both Gen6 and Gen7. On the Gen6 6.5.4.8 firmware release, I am getting the same 400 Bad Request response with the "API endpoint is incomplete" message. I did some research and could not get it to work. On the Gen7 7.0.1 release, I am able to successfully export the CSR. EDIT: I filed a report with…
-
In my experience, the API follows the CLI command structure very closely, so you might find the CLI documentation and CLI help menus and auto-completion/tabbing to be helpful. I haven't actually looked at the CLI documentation for certificates, and it is my first time looking at generating a CSR using the API. Personally,…
-
Hi @G_Hosa_Phat, I tested this out and have a solution for you. Check out the items below and the correct JSON to use. The country name (not abbreviation) is expected. It will fail if the country name isn't in the list of expected names. The API is very similar to the CLI so sometimes the CLI can provide hints where the…
-
Hi, just checking in. Did my responses help?
-
Hi, just checking in. Did my responses help?
-
I'm not very familiar with curl. You can try this, but may need to change the Content-Type to application/octet-stream: curl -k --location --request PUT 'https://firewall/api/sonicos/import/certificates/cert-key-pair/name/MYCERTNAME/password/MYCERTPASSWORD' --header 'Content-Type: application/json' -F…
-
To make this work you need to send the PUT to /api/sonicos/import/certificates/cert-key-pair/name/{NAME}/password/{PASSWD} with Content-Type: multipart/form-data in the header. The body should be a .PFX/.P12 file opened in binary mode with the Content-Type included. I used application/octet-stream. I was able to get it…
-
Hi @Mario, Either I haven't figured out how to properly use that endpoint or there's a problem with the endpoint. I'm working with Engineering to identify why it's not working. In the meantime, here's an alternative method using the API to send direct CLI commands. An FTP server hosts the certificate: Send a POST to…
-
I've been working on a tool for serial console automation. You can get the active VPNs using this script. You'll need to modify the script to configure the serial interface to use, SonicOS credentials, and a couple of other configuration variables. I added a report_active_tunnels() function for you that displays the…
-
@Nat, The URI path is the same for SonicOS 7.0 (/api/sonicos/auth). Try enabling HTTP Basic Access Authentication in the SonicOS API settings on DEVICE | Settings > Administration.
-
Hi @sapphireviper, Are you familiar with Python? If so, I have something that may help you. I wrote a script that can automate sending commands to a firewall over SSH Management. You can modify it to send the commands you want and manipulate the response data.…