Summary
-
Login to your Entrust Certificate Services (ECS) portal
-
Click Administration > Advanced Settings. On the Settings navigation pane, select API.
-
Click Generate credentials to create the API keys.
-
Create a Friendly Name for the API Key, then click Generate.
-
Record the User Name, API Key values in a safe location. These will be required to configure the API later. Note that the API Key cannot be viewed again once this window is closed.
-
It is possible to examine the current certificate on the web sever by using any web browser.
-
Log onto the Apache Webserver, PuTTY or equivalent software can be used
-
The following API is leveraging a bash script that can be customized by end users and this is only an example of how the API can be called.
-
Run the bash script with the command: ./ecs_renew_api.sh
-
Enter the API User Name and the API Key that was generated earlier from the ECS portal
-
Enter the number of days you would like the certificate to valid for, maximum is 396 days.
-
Enter the certificate type you would like to use “STANDARD_SSL” or “ADVANCED_SSL”. Note the script can be customized to support all ECS templates.
-
Certificate was returned successfully! Now enter the user’s password to confirm the restart of Apache. Note the script can be customized to automatically restart Apache.
-
Confirm that the new certificate is the expected Serial Number. The certificate can also be examined in a web browser that has connected to the Apache hosted website using HTTPS. Renew Certificates with 396 day validity with REST API