Dear all =)
I would like to make a script that goes through our Passbolt and extracts all the certificate expiration dates.
So I have two questions =)
- Is it possible to create an user than can only read certificates?
- Is it possible to make a query that returns a list of all the certificates?
Hi @sandra and welcome to passbolt community forum
If you are talking about certificates stored as passbolt secrets, you can create a new user and share certificates with them with read-only rights.
You can query the passbolt API to fetch list of all certificates with a client. With go-passbolt-cli, you can fetch all resources with:
passbolt list resource
you can also choose the columns you want to be displayed:
passbolt list resource --column ID --column Name --column Username --column Password
Let me know if you have further questions.
Dear @_jc =)
Thanks a lot =)
Ok, that is super interesting!
Is it possible to preform a query that lists all certificates? The reason I am asking is that I can get a list of the certificates we store today, but I would like to be able to automatically detect if new certificates are added.
If such query is possible, then I could schedule the query each day and compare against the list of certificates from yesterday. If they differ, then I know which new certificate have been added.
Would that be possible?
With go-passbolt-cli, you can pipe the results with grep:
$ passbolt list resources | grep "your-pattern-to-match-certificates"
730ef2e3-c4fa-4b1f-a743-a2ced1a74c96 | ba4a8612-2848-432e-bc8b-b2aee0361ff6 | Cert 1 | email@example.com
0e894132-c082-4987-9f54-7eb15c60d49d | bb9b4ff9-660f-4e12-a2e8-45394016a00b | Cert 2 | firstname.lastname@example.org
That makes sense. Thanks a lot =)