Adding LDAP Certificates automatically

[optionstechnology]

I can add auth servers via the API easily enough

But I cant add the certificate

Is there any way to do this programmatically?


Also is there a way of setting other admin area settings - like system settings, email setttings, backups etc

[ssax]

It's not currently possible to do that through the API. Does your automation tool have the ability to add files/run commands/restart services at the OS level? If so, what OS/version are you running?

Code: Select all

uname -a
cat /etc/*release

[optionstechnology]

Yeah we can change the config files directly and run commands/restart services

running centos 7.9

[ssax]

You should be able to add the entire CA cert chain in individual pem format files into:

Code: Select all

/etc/pki/ca-trust/source/anchors/

Then run:

Code: Select all

update-ca-trust extract
systemctl restart httpd

If that doesn't work you should be able to put your entire CA certificate chain in pem encoded format in a file in:

Code: Select all

/etc/openldap/certs

I'm using /etc/openldap/certs/ca.pem in the example below.

Then run these commands against it:

Code: Select all

chown apache.nagios /etc/openldap/certs/ca.pem
echo 'TLS_CACERT /etc/openldap/certs/ca.pem' >> /etc/openldap/ldap.conf
systemctl restart httpd

[optionstechnology]

yup this worked perfectly, thanks

for the other settings-

We need to check: Allow HTML Tags in Host/Service Status

uncheck: Sticky Acknowledgement

change the "send from" address in mail settings

For backups check the 'Enable Local Backups' checkbox

Set it to run Daily at 18:00 to /store/backups/nagiosxi

Set a backup limit of 5


are all these things also possible by changing the settings in config files?

[ssax]

Those are not currently modifiable like that because you need to be logged in to do it to pull the other information that is submitted with them.