Certificate Provisioning
Certificate Provisioning is a process in which a certificate is injected into a remote endpoint. Currently, Akeyless supports provisioning certificates to a Linux or a Windows endpoints utilizing Targets.
Any stored certificate can be provisioned through the Gateway whereupon a successful provisioning, future renewals of the certificate will be provisioned automatically.
Provisioning a certificate using the Akeyless CLI
Run the following CLI command to provision a certificate:
akeyless assoc-target-item --name <Certificate name> \
--target-name <Target Name> \
--gateway-url 'https://<Your-Akeyless-GW-URL:8000>' \
--certificate-path <Where to save the certificate> \
--post-provision-command <"echo Akeyless">
Where:
name
: The Certificate item name.target-name
The Target item name, to provision the certificate.gateway-url
: Akeyless Gateway Configuration Manager URL (port8000
).certificate-path
:A path on the Target to save the certificate PEM file can be used as well withchain-path
andprivate-key-path
flags to save those on different locations.post-provision-command
: Optional, a custom command to run on the remote target after successful provisioning e.g. restarting a service.
You can find the complete list of additional parameters for this command in the CLI Reference - Encryption Keys section.
Provisioning a certificate using the Akeyless Console
- Log in to the Akeyless Console, and go to Items, find the certificate you wish to provision.
- Click on the Certificate item, click on the Provisioning tab, and then Attach.
- Enter the following parameters:
-
Target Name - Choose an existing Target from the drop-down list to select the existing SSH / Windows Target.
-
Gateway - Choose an existing Gateway from the drop-down list to select the relevant Gateway.
-
Certificate Remote Path - The path where the certificate will be provisioned to in the remote machine.
-
Private Key Remote Path - A path on the target to store the private key.
-
Certificate Chain Path - A path on the target to store the full chain.
-
Post Provision Command - A custom command of your choice that will be executed on the remote machine as part of the provisioning process.
Updated 9 months ago