Managing CM Connections using ksctl
The following operations can be performed:
Get/delete/update a CM connection
List all CM connections
Test an existing CM connection
Test the connection parameters before establishing the connection
Getting Details of a CM Connection
To get details, run:
Syntax
ksctl connectionmgmt cm get --id <Connection-Name/ID>
Example Request
ksctl connectionmgmt cm get --id "fc01d709-7b2a-4235-87fe-6cdd20f1f22a"
Example Response
{
"id": "fc01d709-7b2a-4235-87fe-6cdd20f1f22a",
"external_cm_id": "4df54fb4-d3e6-432d-a917-4b587b180b05",
"uri": "kylo:kylo:connectionmgmt:connections:connection-1-cm-fc01d709-7b2a-4235-87fe-6cdd20f1f22a",
"account": "kylo:kylo:admin:accounts:kylo",
"createdAt": "2023-04-19T10:20:16.124632Z",
"updatedAt": "2023-04-19T10:20:16.122917Z",
"service": "CM",
"category": "KeyManager",
"last_connection_ok": null,
"last_connection_at": "0001-01-01T00:00:00Z",
"name": "connection_1_CM",
"products": [
"cckm"
],
"client_certificate": "-----BEGIN CERTIFICATE-----\nMIIFgzCCA2ugAwIBAgIRAIYB4m8ecQQtl4eP3xNseBUwDQYJKoZIhvcNAQELBQAw\nWjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlRYMQ8wDQYDVQQHEwZBdXN0aW4xDzAN\nBgNVBAoTBlRoYWxlczEcMBoGA1UEAxMTQ2lwaGVyVHJ1c3QgUm9vdCBDQTAeFw0y\nMzA0MTgxMDE0NDJaFw0yNTA0MTgxMDE0NDJaMIGTMQswCQYDVQQGEwJVUzELMAkG\nA1UECBMCTUQxEDAOBgNVBAcTB0JlbGNhbXAxFTATBgNVBAoTDFRoYWxlcyBHcm91\ncDEMMAoGA1UECxMDUm5EMREwDwYDVQQDEwhreWxvLmNvbTEtMCsGA1UELhMkMDA4\nYzUyYmUtNGQyNi00MGIyLWE0MWYtYTg2ZGE1MzQxMDdlMIIBIjANBgkqhkiG9w0B\nAQEFAAOCAQ8AMIIBCgKCAQEAur6M7t4Z7cGTMQP0qJIk4LgsA0Erf1RujWwVDE1J\nAV3B1BL3mlnPrZm1Mu6U5sTU5eTLlT+HE+nRxWYPJ4Wed5GtZ/cBrWh4Z7IcP5Wl\nq9qXioiYL7hKnfGRHGJ4+WpueezR6HYoZSX/G5svEYd+sDi/4O73F1vx8pIkd0wR\nH4a74EQO7y2SsDKGwnndQFJCQjZlizuKBBQeNFi+pTU70AdDiEaZkt6/sIxFeVSn\nPhjIcq/HW9lzGYxGtIfcznsTQAyOjKn6wc/hC3c33IcNRRQPg+MPPyjZJswyGdju\nnlZNNQxRyrDV2HS+DO0PjS+bTxE8v68ejeHbuLvskOUQqwIDAQABo4IBCDCCAQQw\nDgYDVR0PAQH/BAQDAgOIMBMGA1UdJQQMMAoGCCsGAQUFBwMCMAwGA1UdEwEB/wQC\nMAAwHwYDVR0jBBgwFoAUWdYFoqjVth/meouD25TsPe1pfnEwTgYDVR0RBEcwRYIR\nKi50aGFsZXNncm91cC5jb22CESoudGhhbGVzZ3JvdXAubmV0gRdjb250YWN0QHRo\nYWxlc2dyb3VwLmNvbYcEAQEBATBeBgNVHR8EVzBVMFOgUaBPhk1odHRwOi8vY2lw\naGVydHJ1c3RtYW5hZ2VyLmxvY2FsL2NybHMvNDA2MmVlNWMtZTMwNi00ODkzLWI5\nYjItMzFmNWZiY2NiYjY4LmNybDANBgkqhkiG9w0BAQsFAAOCAgEAVFXX69fNsMoB\nCLEflrfaAB2uHjRvdjS1nkWrNT5fWzD37ig85w70aYLH3yfdglHP4XilKEqMoX2E\nkC2NFSsA9JpwpYV3ZkZk9Q6oJBxUwg9ploxF3KJ/t6TkHR53ZY4qhak+fVXfjrBq\nHAoXusC4inIGYPc6x9OoWAqJjZBJTHICOxOux4VD9i1hTrOGrMCTsRkG+WFBU3Zp\n2DcwufZoSTNV/I8xHhqfSHiaTaeOJozG2Aoq3P06AT0JaphbJ1tJBTnua4ceA+/h\nJjwsC1Xuc6fHu+OQL2MxOC8DrCeP2tQc95KWrVb7WJJCeVu6To+Zto0m/Jc6rrne\nmu5D9Tnv/cmDfjPQk1EVf/IsL+baHpEDf9399ZI6w8WvU45IanYYBSMtRaHnKesa\n8k1bjWHZnWvG4ZTbOawX0q5LMkB+1Ee/8YxDvy3RlCRcGQGh+sPwgj0L/XzdAvK6\ne9mjs2nzpZF37Ns4UiaHUo44XZJDIkes8cqUpJhiqjPo/YPPeUqMGjucpCeIqKlh\nZoio6d8h3WddvsIIv+ygkAnUeVtiq0M2lwUKtKEBo+i8iXL3rctGCyPF5hQkRXWS\nu5hiVl9frMKTuE4X7FQIEPrZ1cPwsnfcQsMpZf5Mwbbwm/Ych9rrqWanYNAq+PVg\n7U4C7GwJZYDD3349pO7g4CasiYSCorI=\n-----END CERTIFICATE-----\n",
"client_id": "008c52be-4d26-40b2-a41f-a86da534107e",
"nodes": [
{
"id": "efec26ad-f9f1-44d0-850f-be2cc3ed54d0",
"uri": "kylo:kylo:connectionmgmt:cm-node:test2-efec26ad-f9f1-44d0-850f-be2cc3ed54d0",
"account": "kylo:kylo:admin:accounts:kylo",
"createdAt": "2023-04-19T10:03:02.532367Z",
"hostname": "54.173.227.108",
"external_cm_id": "4df54fb4-d3e6-432d-a917-4b587b180b05"
}
],
"trusted_ca": [
{
"id": "fe92910f-98c4-4dd4-bdf0-f39a2160d5b5",
"uri": "kylo:kylo:connectionmgmt:cm-ca:test2-fe92910f-98c4-4dd4-bdf0-f39a2160d5b5",
"account": "kylo:kylo:admin:accounts:kylo",
"createdAt": "2023-04-19T10:03:02.533998Z",
"certificate": "-----BEGIN CERTIFICATE-----\nMIIFrzCCA5egAwIBAgIRAIDguiVeBLRGPRQUEerSkYEwDQYJKoZIhvcNAQELBQAw\nWjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlRYMQ8wDQYDVQQHEwZBdXN0aW4xDzAN\nBgNVBAoTBlRoYWxlczEcMBoGA1UEAxMTQ2lwaGVyVHJ1c3QgUm9vdCBDQTAeFw0y\nMzA0MTcwMjEyMTFaFw0zMzA0MTUwMjEyMTFaMFoxCzAJBgNVBAYTAlVTMQswCQYD\nVQQIEwJUWDEPMA0GA1UEBxMGQXVzdGluMQ8wDQYDVQQKEwZUaGFsZXMxHDAaBgNV\nBAMTE0NpcGhlclRydXN0IFJvb3QgQ0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAw\nggIKAoICAQCwz0QtPo+cFY2glDdusXMhkrVgv0bMGf9eXqgLOQ+8PsAoDvLg43AU\nAx7dDKvd73L1DsQmOwqeslx3bS3deBR2zyCfhy6tP1iL2iILsPuzJZqTzyu0+Sfs\nrnwplwM1oZE0E0QkkCM8vx0l7gn2plhx8CU9cu/s9Dbe1fcBFbqLURkDN3U3pTeo\nmAChjTQSVQwN6ZcpIEdAycRaUL9+AKt6/k9DjusQpNJkMtJjY4OYp5j6JGAgFdcK\nufzjsVzb16EEMu6yyXi/P/QXT8+7zwJdaocT80kMRrnIYvmLwjCNo3kZpvXLsE1G\nHPgNbzdbQgVT2afLeGKtMI1sRdoKII8gvEBdeO9NMyD/+VeY0Yop+hOSqPP/XQbF\ndtVenqKUG/6mq3Z6cz92R0R/Sw9KNnDixFa0cy4KAZhS2mn9E8HrTfwzn6mZiWbl\n3zehiyMN2eyOB1sAfJwL04D6bZYDWDlNnf/XXLChhkzUFImeA5QkYiPg0ZgNOGaD\nkveQbaog26ui4REaJm0cTjOnzIyRwl14iQ0OdDlrBcasgpDFMNMzsYEFmunPfLxK\n90+rgzlXXcowl7ZYIYwjcoc1IqPPNhjx2pHlkuYe8XXusRsuBEuHmg3eL+SpfsHE\nHnJn64ddofDqSGZ/4lJGYvcCVTE02jAa5olhOCl6fcV+y44xc/yZwwIDAQABo3Aw\nbjAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUWdYF\noqjVth/meouD25TsPe1pfnEwLAYDVR0RBCUwI4EhdGVjaG5pY2FsLnN1cHBvcnRA\ndGhhbGVzZ3JvdXAuY29tMA0GCSqGSIb3DQEBCwUAA4ICAQBz8a2KZo1MnkmD5w4I\nH7XpHsQ6cGlzYH72P5jik+6EHEkHHPXITvRj8nAW7nsXAZPLjjaJLJy46r94GYZN\neIY7PGgoRTdwRsSTPTmTc6cw/ZgJd5hWukKe0D1C15Lo7k87KV3CVh9aH28R1sEe\nFxY52b44qa/dZFAxUU5meXYFI/5lrzMvDZ7gTVQWhR0FFz5b8OcG0HupJQe/xson\nppERSDYLm4R6eDQ/kqQelFDEa3s8EUob3BQtPYWNMRPowlVOwir74XtXk9K4cPml\nz3tYZm4CqPLNtDiRmp3Qob/5EXzkgD7HdVzY7UkcZg5vTGZhIxHPZ4dCDE1xgEBS\n2IIpO05IEp3LBG9bqps4UlfMN7MjQf2mGlAoLhHA0mvVosAeawRmPQh8Ydvtk6mQ\n9HxmMk+WgOVuO6V/eYocXX0D7DYwJXWreFjRcpCtnpe0zOyzEdic025NoCM8yNa1\n3b889t5aXYFeZEI4bHu7IKYh0poGQyIPsN775UdmU3QU1XfghLx7s+faeooO1t18\ncnfbvrwZm++85Awb1caoOjuEeJj2h6xv5eRDpzC6F57pka80hNlmhCbMmbQFgjrE\nveC9pkn8Yf79RYC3HzRGgsOnoEdadlmibfF0MO18M2l+aEubChK1Btb1Z6F4Azje\n8RccyyfNBjhxQa73QAoaKHz02A==\n-----END CERTIFICATE-----",
"external_cm_id": "4df54fb4-d3e6-432d-a917-4b587b180b05",
"subject_dn": "CN=CipherTrust Root CA,O=Thales,L=Austin,ST=TX,C=US",
"expires_at": "2033-04-15T02:12:11Z"
}
]
}
Updating a CM Connection
To update a connection, run:
Syntax
ksctl connectionmgmt cm modify --id <Connection-Name/ID> --products <Products-Names> --meta <Key:Values> --client-cert-file <Client-Certificate-File> --client-id <Client-ID> --external-cm-id <External-CM-ID>
Example Request
ksctl cm modify --id "fc01d709-7b2a-4235-87fe-6cdd20f1f22a" --client-cert-file ./clientCert.pem --client-id "1cd6f437-53e1-4993-a391-1c503fb67eb0"
Example Response
{
"id": "fc01d709-7b2a-4235-87fe-6cdd20f1f22a",
"external_cm_id": "4df54fb4-d3e6-432d-a917-4b587b180b05",
"uri": "kylo:kylo:connectionmgmt:connections:connection-1-cm-fc01d709-7b2a-4235-87fe-6cdd20f1f22a",
"account": "kylo:kylo:admin:accounts:kylo",
"createdAt": "2023-04-19T10:20:16.124632Z",
"updatedAt": "2023-04-19T10:57:31.751032799Z",
"service": "CM",
"category": "KeyManager",
"last_connection_ok": false,
"last_connection_error": "Connection error for hostname 54.173.227.108 : Post \"https://54.173.227.108/api/v1/auth/tokens/\": x509: cannot validate certificate for 54.173.227.108 because it doesn't contain any IP SANs\n",
"last_connection_at": "2023-04-19T10:26:55.486235Z",
"name": "connection_1_CM",
"products": [
"cckm"
],
"client_certificate": "-----BEGIN CERTIFICATE-----\nMIIFgjCCA2qgAwIBAgIQdS2UoiGtJ4+T2hZA/w63ZzANBgkqhkiG9w0BAQsFADBa\nMQswCQYDVQQGEwJVUzELMAkGA1UECBMCVFgxDzANBgNVBAcTBkF1c3RpbjEPMA0G\nA1UEChMGVGhhbGVzMRwwGgYDVQQDExNDaXBoZXJUcnVzdCBSb290IENBMB4XDTIz\nMDQxODEwNTQxM1oXDTI1MDQxODEwNTQxM1owgZMxCzAJBgNVBAYTAlVTMQswCQYD\nVQQIEwJNRDEQMA4GA1UEBxMHQmVsY2FtcDEVMBMGA1UEChMMVGhhbGVzIEdyb3Vw\nMQwwCgYDVQQLEwNSbkQxETAPBgNVBAMTCGt5bG8uY29tMS0wKwYDVQQuEyQxY2Q2\nZjQzNy01M2UxLTQ5OTMtYTM5MS0xYzUwM2ZiNjdlYjAwggEiMA0GCSqGSIb3DQEB\nAQUAA4IBDwAwggEKAoIBAQDDH6fIayjJUVT/LVDf3qCJHZ7MfhWGvgKG1ZnD4LqL\nPvHZR5IUVuQO2zUsCKwPi4i1aF4nNlcvDlflCjLEyboct01LsBaQOgmpza7Hmq3s\nEKhUtYQBCbjSznunpuDEJYFkDAEbJ2+kitj1mGw1tryN28TeBOdaZxampN6BpGjN\nDimKwK7JprA8Lt69lhGFJMnZIJQzV8phuD7wazCF6ey73NWq8PQfYb0oShzg00eT\nMXx9cbt0AEeZ3Q8ZA+0st8bDleLShMdDI+MFgYzoQdelR1rKSMYXMXcjTUk9vBZ8\n5H+SsU69+ovt0v66Uty+eYF5hkxyrECwprvaB9xKIuPdAgMBAAGjggEIMIIBBDAO\nBgNVHQ8BAf8EBAMCA4gwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDAYDVR0TAQH/BAIw\nADAfBgNVHSMEGDAWgBRZ1gWiqNW2H+Z6i4PblOw97Wl+cTBOBgNVHREERzBFghEq\nLnRoYWxlc2dyb3VwLmNvbYIRKi50aGFsZXNncm91cC5uZXSBF2NvbnRhY3RAdGhh\nbGVzZ3JvdXAuY29thwQBAQEBMF4GA1UdHwRXMFUwU6BRoE+GTWh0dHA6Ly9jaXBo\nZXJ0cnVzdG1hbmFnZXIubG9jYWwvY3Jscy80MDYyZWU1Yy1lMzA2LTQ4OTMtYjli\nMi0zMWY1ZmJjY2JiNjguY3JsMA0GCSqGSIb3DQEBCwUAA4ICAQAnrnCnNPIurCgO\nTe+Gbt01n73AdPeNcyi5XDUSySmTBo5RqbGYJxJWNK3MnUxH4CGP+HCQx3ngJmXg\n2rq+WjcXhToSQ3U5oGHUksXungAjWIPjeohbOQlCRX7SuoXZGaYtoLODiocGbzoA\nTW2r0HewbFw5HEDjRTdgObDeO2tkxzjb123rHDYB9Q2NbZvwO4+cqtnWk0YmdnXf\nMt+FeK5bej3m0ysaByvm0rwCoF3F4THX8BDCa7CSdYjDRfVrg20mK8gl9XGQjMCh\nTLC/AIna+JyNV/f7v1Uyzyld5jtaGYwoYSZRnTZlow8XJUj1CpUDTXi5BnP+0zqW\neGzm0DRHNs8xzQig0avIG8wMmlH0FXCIdoZHUx+mxSXG0RjlZ86VqM4joQ/AQc31\nbNTfSVA0krkbj6maxOonv8yWu7nMAF917L7VFfvCyKABiZrwrP5V8WxB7w7rvMxs\nMa3GKYvq7tUTyE0qN+un6eRTctSPNdbia8pl07z6IGCl4plXCMQeZa+7BlQubAWZ\nhWywZQdQ6MSjh3CH8BeMQS1J5qEO4iK+le2kWphfYRvzvQLzfT6P3bpm9zeOFTCv\nYQDfL2RCDtXAfgxBXxP4ty+b8Ju2AAz38Cs6mkMpvBm6APgJ1V2Y003pUm1ECgqV\nIFmsJviCWlF9OYsnC1w8K0cfbk3A8w==\n-----END CERTIFICATE-----\n",
"client_id": "1cd6f437-53e1-4993-a391-1c503fb67eb0",
"nodes": [
{
"id": "efec26ad-f9f1-44d0-850f-be2cc3ed54d0",
"uri": "kylo:kylo:connectionmgmt:cm-node:test2-efec26ad-f9f1-44d0-850f-be2cc3ed54d0",
"account": "kylo:kylo:admin:accounts:kylo",
"createdAt": "2023-04-19T10:03:02.532367Z",
"hostname": "54.173.227.108",
"external_cm_id": "4df54fb4-d3e6-432d-a917-4b587b180b05"
}
],
"trusted_ca": [
{
"id": "fe92910f-98c4-4dd4-bdf0-f39a2160d5b5",
"uri": "kylo:kylo:connectionmgmt:cm-ca:test2-fe92910f-98c4-4dd4-bdf0-f39a2160d5b5",
"account": "kylo:kylo:admin:accounts:kylo",
"createdAt": "2023-04-19T10:03:02.533998Z",
"certificate": "-----BEGIN CERTIFICATE-----\nMIIFrzCCA5egAwIBAgIRAIDguiVeBLRGPRQUEerSkYEwDQYJKoZIhvcNAQELBQAw\nWjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlRYMQ8wDQYDVQQHEwZBdXN0aW4xDzAN\nBgNVBAoTBlRoYWxlczEcMBoGA1UEAxMTQ2lwaGVyVHJ1c3QgUm9vdCBDQTAeFw0y\nMzA0MTcwMjEyMTFaFw0zMzA0MTUwMjEyMTFaMFoxCzAJBgNVBAYTAlVTMQswCQYD\nVQQIEwJUWDEPMA0GA1UEBxMGQXVzdGluMQ8wDQYDVQQKEwZUaGFsZXMxHDAaBgNV\nBAMTE0NpcGhlclRydXN0IFJvb3QgQ0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAw\nggIKAoICAQCwz0QtPo+cFY2glDdusXMhkrVgv0bMGf9eXqgLOQ+8PsAoDvLg43AU\nAx7dDKvd73L1DsQmOwqeslx3bS3deBR2zyCfhy6tP1iL2iILsPuzJZqTzyu0+Sfs\nrnwplwM1oZE0E0QkkCM8vx0l7gn2plhx8CU9cu/s9Dbe1fcBFbqLURkDN3U3pTeo\nmAChjTQSVQwN6ZcpIEdAycRaUL9+AKt6/k9DjusQpNJkMtJjY4OYp5j6JGAgFdcK\nufzjsVzb16EEMu6yyXi/P/QXT8+7zwJdaocT80kMRrnIYvmLwjCNo3kZpvXLsE1G\nHPgNbzdbQgVT2afLeGKtMI1sRdoKII8gvEBdeO9NMyD/+VeY0Yop+hOSqPP/XQbF\ndtVenqKUG/6mq3Z6cz92R0R/Sw9KNnDixFa0cy4KAZhS2mn9E8HrTfwzn6mZiWbl\n3zehiyMN2eyOB1sAfJwL04D6bZYDWDlNnf/XXLChhkzUFImeA5QkYiPg0ZgNOGaD\nkveQbaog26ui4REaJm0cTjOnzIyRwl14iQ0OdDlrBcasgpDFMNMzsYEFmunPfLxK\n90+rgzlXXcowl7ZYIYwjcoc1IqPPNhjx2pHlkuYe8XXusRsuBEuHmg3eL+SpfsHE\nHnJn64ddofDqSGZ/4lJGYvcCVTE02jAa5olhOCl6fcV+y44xc/yZwwIDAQABo3Aw\nbjAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUWdYF\noqjVth/meouD25TsPe1pfnEwLAYDVR0RBCUwI4EhdGVjaG5pY2FsLnN1cHBvcnRA\ndGhhbGVzZ3JvdXAuY29tMA0GCSqGSIb3DQEBCwUAA4ICAQBz8a2KZo1MnkmD5w4I\nH7XpHsQ6cGlzYH72P5jik+6EHEkHHPXITvRj8nAW7nsXAZPLjjaJLJy46r94GYZN\neIY7PGgoRTdwRsSTPTmTc6cw/ZgJd5hWukKe0D1C15Lo7k87KV3CVh9aH28R1sEe\nFxY52b44qa/dZFAxUU5meXYFI/5lrzMvDZ7gTVQWhR0FFz5b8OcG0HupJQe/xson\nppERSDYLm4R6eDQ/kqQelFDEa3s8EUob3BQtPYWNMRPowlVOwir74XtXk9K4cPml\nz3tYZm4CqPLNtDiRmp3Qob/5EXzkgD7HdVzY7UkcZg5vTGZhIxHPZ4dCDE1xgEBS\n2IIpO05IEp3LBG9bqps4UlfMN7MjQf2mGlAoLhHA0mvVosAeawRmPQh8Ydvtk6mQ\n9HxmMk+WgOVuO6V/eYocXX0D7DYwJXWreFjRcpCtnpe0zOyzEdic025NoCM8yNa1\n3b889t5aXYFeZEI4bHu7IKYh0poGQyIPsN775UdmU3QU1XfghLx7s+faeooO1t18\ncnfbvrwZm++85Awb1caoOjuEeJj2h6xv5eRDpzC6F57pka80hNlmhCbMmbQFgjrE\nveC9pkn8Yf79RYC3HzRGgsOnoEdadlmibfF0MO18M2l+aEubChK1Btb1Z6F4Azje\n8RccyyfNBjhxQa73QAoaKHz02A==\n-----END CERTIFICATE-----",
"external_cm_id": "4df54fb4-d3e6-432d-a917-4b587b180b05",
"subject_dn": "CN=CipherTrust Root CA,O=Thales,L=Austin,ST=TX,C=US",
"expires_at": "2033-04-15T02:12:11Z"
}
]
}
Deleting a CM Connection
To delete a connection, run:
Syntax
ksctl connectionmgmt cm delete --id <Connection-Name/ID>
Example Request
ksctl connectionmgmt cm delete --id "fc01d709-7b2a-4235-87fe-6cdd20f1f22a"
There will be no response if CipherTrust Manager connection is deleted successfully.
Getting List of CM Connections
To list all the connections, run:
Syntax
ksctl connectionmgmt cm list
Example Request
ksctl connectionmgmt cm list
Example Response
{
"skip": 0,
"limit": 10,
"total": 1,
"resources": [
{
"id": "fc01d709-7b2a-4235-87fe-6cdd20f1f22a",
"external_cm_id": "4df54fb4-d3e6-432d-a917-4b587b180b05",
"uri": "kylo:kylo:connectionmgmt:connections:connection-1-cm-fc01d709-7b2a-4235-87fe-6cdd20f1f22a",
"account": "kylo:kylo:admin:accounts:kylo",
"createdAt": "2023-04-19T10:20:16.124632296Z",
"updatedAt": "2023-04-19T10:20:16.122916547Z",
"service": "CM",
"category": "KeyManager",
"last_connection_ok": null,
"last_connection_at": "0001-01-01T00:00:00Z",
"name": "connection_1_CM",
"products": [
"cckm"
],
"client_certificate": "-----BEGIN CERTIFICATE-----\nMIIFgzCCA2ugAwIBAgIRAIYB4m8ecQQtl4eP3xNseBUwDQYJKoZIhvcNAQELBQAw\nWjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlRYMQ8wDQYDVQQHEwZBdXN0aW4xDzAN\nBgNVBAoTBlRoYWxlczEcMBoGA1UEAxMTQ2lwaGVyVHJ1c3QgUm9vdCBDQTAeFw0y\nMzA0MTgxMDE0NDJaFw0yNTA0MTgxMDE0NDJaMIGTMQswCQYDVQQGEwJVUzELMAkG\nA1UECBMCTUQxEDAOBgNVBAcTB0JlbGNhbXAxFTATBgNVBAoTDFRoYWxlcyBHcm91\ncDEMMAoGA1UECxMDUm5EMREwDwYDVQQDEwhreWxvLmNvbTEtMCsGA1UELhMkMDA4\nYzUyYmUtNGQyNi00MGIyLWE0MWYtYTg2ZGE1MzQxMDdlMIIBIjANBgkqhkiG9w0B\nAQEFAAOCAQ8AMIIBCgKCAQEAur6M7t4Z7cGTMQP0qJIk4LgsA0Erf1RujWwVDE1J\nAV3B1BL3mlnPrZm1Mu6U5sTU5eTLlT+HE+nRxWYPJ4Wed5GtZ/cBrWh4Z7IcP5Wl\nq9qXioiYL7hKnfGRHGJ4+WpueezR6HYoZSX/G5svEYd+sDi/4O73F1vx8pIkd0wR\nH4a74EQO7y2SsDKGwnndQFJCQjZlizuKBBQeNFi+pTU70AdDiEaZkt6/sIxFeVSn\nPhjIcq/HW9lzGYxGtIfcznsTQAyOjKn6wc/hC3c33IcNRRQPg+MPPyjZJswyGdju\nnlZNNQxRyrDV2HS+DO0PjS+bTxE8v68ejeHbuLvskOUQqwIDAQABo4IBCDCCAQQw\nDgYDVR0PAQH/BAQDAgOIMBMGA1UdJQQMMAoGCCsGAQUFBwMCMAwGA1UdEwEB/wQC\nMAAwHwYDVR0jBBgwFoAUWdYFoqjVth/meouD25TsPe1pfnEwTgYDVR0RBEcwRYIR\nKi50aGFsZXNncm91cC5jb22CESoudGhhbGVzZ3JvdXAubmV0gRdjb250YWN0QHRo\nYWxlc2dyb3VwLmNvbYcEAQEBATBeBgNVHR8EVzBVMFOgUaBPhk1odHRwOi8vY2lw\naGVydHJ1c3RtYW5hZ2VyLmxvY2FsL2NybHMvNDA2MmVlNWMtZTMwNi00ODkzLWI5\nYjItMzFmNWZiY2NiYjY4LmNybDANBgkqhkiG9w0BAQsFAAOCAgEAVFXX69fNsMoB\nCLEflrfaAB2uHjRvdjS1nkWrNT5fWzD37ig85w70aYLH3yfdglHP4XilKEqMoX2E\nkC2NFSsA9JpwpYV3ZkZk9Q6oJBxUwg9ploxF3KJ/t6TkHR53ZY4qhak+fVXfjrBq\nHAoXusC4inIGYPc6x9OoWAqJjZBJTHICOxOux4VD9i1hTrOGrMCTsRkG+WFBU3Zp\n2DcwufZoSTNV/I8xHhqfSHiaTaeOJozG2Aoq3P06AT0JaphbJ1tJBTnua4ceA+/h\nJjwsC1Xuc6fHu+OQL2MxOC8DrCeP2tQc95KWrVb7WJJCeVu6To+Zto0m/Jc6rrne\nmu5D9Tnv/cmDfjPQk1EVf/IsL+baHpEDf9399ZI6w8WvU45IanYYBSMtRaHnKesa\n8k1bjWHZnWvG4ZTbOawX0q5LMkB+1Ee/8YxDvy3RlCRcGQGh+sPwgj0L/XzdAvK6\ne9mjs2nzpZF37Ns4UiaHUo44XZJDIkes8cqUpJhiqjPo/YPPeUqMGjucpCeIqKlh\nZoio6d8h3WddvsIIv+ygkAnUeVtiq0M2lwUKtKEBo+i8iXL3rctGCyPF5hQkRXWS\nu5hiVl9frMKTuE4X7FQIEPrZ1cPwsnfcQsMpZf5Mwbbwm/Ych9rrqWanYNAq+PVg\n7U4C7GwJZYDD3349pO7g4CasiYSCorI=\n-----END CERTIFICATE-----\n",
"client_id": "008c52be-4d26-40b2-a41f-a86da534107e",
"nodes": [
{
"id": "efec26ad-f9f1-44d0-850f-be2cc3ed54d0",
"uri": "kylo:kylo:connectionmgmt:cm-node:test2-efec26ad-f9f1-44d0-850f-be2cc3ed54d0",
"account": "kylo:kylo:admin:accounts:kylo",
"createdAt": "2023-04-19T10:03:02.532367Z",
"hostname": "54.173.227.108",
"external_cm_id": "4df54fb4-d3e6-432d-a917-4b587b180b05"
}
],
"trusted_ca": [
{
"id": "fe92910f-98c4-4dd4-bdf0-f39a2160d5b5",
"uri": "kylo:kylo:connectionmgmt:cm-ca:test2-fe92910f-98c4-4dd4-bdf0-f39a2160d5b5",
"account": "kylo:kylo:admin:accounts:kylo",
"createdAt": "2023-04-19T10:03:02.533998Z",
"certificate": "-----BEGIN CERTIFICATE-----\nMIIFrzCCA5egAwIBAgIRAIDguiVeBLRGPRQUEerSkYEwDQYJKoZIhvcNAQELBQAw\nWjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlRYMQ8wDQYDVQQHEwZBdXN0aW4xDzAN\nBgNVBAoTBlRoYWxlczEcMBoGA1UEAxMTQ2lwaGVyVHJ1c3QgUm9vdCBDQTAeFw0y\nMzA0MTcwMjEyMTFaFw0zMzA0MTUwMjEyMTFaMFoxCzAJBgNVBAYTAlVTMQswCQYD\nVQQIEwJUWDEPMA0GA1UEBxMGQXVzdGluMQ8wDQYDVQQKEwZUaGFsZXMxHDAaBgNV\nBAMTE0NpcGhlclRydXN0IFJvb3QgQ0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAw\nggIKAoICAQCwz0QtPo+cFY2glDdusXMhkrVgv0bMGf9eXqgLOQ+8PsAoDvLg43AU\nAx7dDKvd73L1DsQmOwqeslx3bS3deBR2zyCfhy6tP1iL2iILsPuzJZqTzyu0+Sfs\nrnwplwM1oZE0E0QkkCM8vx0l7gn2plhx8CU9cu/s9Dbe1fcBFbqLURkDN3U3pTeo\nmAChjTQSVQwN6ZcpIEdAycRaUL9+AKt6/k9DjusQpNJkMtJjY4OYp5j6JGAgFdcK\nufzjsVzb16EEMu6yyXi/P/QXT8+7zwJdaocT80kMRrnIYvmLwjCNo3kZpvXLsE1G\nHPgNbzdbQgVT2afLeGKtMI1sRdoKII8gvEBdeO9NMyD/+VeY0Yop+hOSqPP/XQbF\ndtVenqKUG/6mq3Z6cz92R0R/Sw9KNnDixFa0cy4KAZhS2mn9E8HrTfwzn6mZiWbl\n3zehiyMN2eyOB1sAfJwL04D6bZYDWDlNnf/XXLChhkzUFImeA5QkYiPg0ZgNOGaD\nkveQbaog26ui4REaJm0cTjOnzIyRwl14iQ0OdDlrBcasgpDFMNMzsYEFmunPfLxK\n90+rgzlXXcowl7ZYIYwjcoc1IqPPNhjx2pHlkuYe8XXusRsuBEuHmg3eL+SpfsHE\nHnJn64ddofDqSGZ/4lJGYvcCVTE02jAa5olhOCl6fcV+y44xc/yZwwIDAQABo3Aw\nbjAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUWdYF\noqjVth/meouD25TsPe1pfnEwLAYDVR0RBCUwI4EhdGVjaG5pY2FsLnN1cHBvcnRA\ndGhhbGVzZ3JvdXAuY29tMA0GCSqGSIb3DQEBCwUAA4ICAQBz8a2KZo1MnkmD5w4I\nH7XpHsQ6cGlzYH72P5jik+6EHEkHHPXITvRj8nAW7nsXAZPLjjaJLJy46r94GYZN\neIY7PGgoRTdwRsSTPTmTc6cw/ZgJd5hWukKe0D1C15Lo7k87KV3CVh9aH28R1sEe\nFxY52b44qa/dZFAxUU5meXYFI/5lrzMvDZ7gTVQWhR0FFz5b8OcG0HupJQe/xson\nppERSDYLm4R6eDQ/kqQelFDEa3s8EUob3BQtPYWNMRPowlVOwir74XtXk9K4cPml\nz3tYZm4CqPLNtDiRmp3Qob/5EXzkgD7HdVzY7UkcZg5vTGZhIxHPZ4dCDE1xgEBS\n2IIpO05IEp3LBG9bqps4UlfMN7MjQf2mGlAoLhHA0mvVosAeawRmPQh8Ydvtk6mQ\n9HxmMk+WgOVuO6V/eYocXX0D7DYwJXWreFjRcpCtnpe0zOyzEdic025NoCM8yNa1\n3b889t5aXYFeZEI4bHu7IKYh0poGQyIPsN775UdmU3QU1XfghLx7s+faeooO1t18\ncnfbvrwZm++85Awb1caoOjuEeJj2h6xv5eRDpzC6F57pka80hNlmhCbMmbQFgjrE\nveC9pkn8Yf79RYC3HzRGgsOnoEdadlmibfF0MO18M2l+aEubChK1Btb1Z6F4Azje\n8RccyyfNBjhxQa73QAoaKHz02A==\n-----END CERTIFICATE-----",
"external_cm_id": "4df54fb4-d3e6-432d-a917-4b587b180b05",
"subject_dn": "CN=CipherTrust Root CA,O=Thales,L=Austin,ST=TX,C=US",
"expires_at": "2033-04-15T02:12:11Z"
}
]
}
]
}
Testing an Existing CM Connection or Connection Parameters
To test an existing connection or connection parameters, run:
Note
For a successful TLS connection, the external CipherTrust Manager web server certificate SAN field should not be empty. For example, if the hostname connection is IP, the same IP should be present in the SAN field in the web server certificate of external CipherTrust Manager.
Syntax
ksctl connectionmgmt cm test --id <Connection-Name/ID>
*Or*
ksctl connectionmgmt cm test --client-cert-file <client-certificate-file> --client-id <client-id> --external-cm-id <external-cm-id>
Example Request
ksctl connectionmgmt cm test --id "14ff5e03-5fb5-4f74-bda5-99f70ba14da8"
*Or*
ksctl connectionmgmt cm test --client-cert-file ./clientCert.pem --client-id "fc797b46-5470-474c-8797-fdd25eb011a7" --external-cm-id "f8946eb8-bc0f-439a-958e-0238b30f9272"
Example Response
{
"status": true,
"nodes":
[
{
"hostname": "3.87.253.205",
"connection_ok": true
}
]
}
