Certificate Discovery

class CertificateDiscovery(api)

Bases: _ClientWorkBase

create(name, certificate_location, recursive_paths=None, non_recursive_paths=None, max_filesize='10240', pkcs12_extensions=['.p12', '.pfx'], pkcs7_extensions=['.p7b', '.p7c', '.p7'], pem_extensions=['.cer', '.der', '.crt', '.pem'], ibmcms_extensions=['.kdb'], jks_jceks_extensions=['.jck', '.jceks', '.jks', 'cacerts'], iplanet_extensions=['.db'], exclude_recursive_paths=None, exclude_non_recursive_paths=None, exclude_file_patterns=None, scan_mounted_file_systems=False, log_threshold='Info', attributes=None, get_if_already_exists=True)
Parameters

  • name (str) – The name of the client work.

  • certificate_location (Union[config.Object, str]) – Config Object or Distinguished Name (DN) of the folder to place certificates.

  • recursive_paths (List[str]) – A list of file paths to recursively search for new certificates

  • non_recursive_paths (List[str]) – A list of file paths to search for new certificates

  • max_filesize (str) – A maximum file size (Ignores files larger than this size)

  • pkcs12_extensions (List[str]) – A list of pkcs#12 extensions to match (defaults to .p12, .pfx)

  • pkcs7_extensions (List[str]) – A list of pkcs#7 extensions to match (defaults to .p7b, .p7c, .p7)

  • pem_extensions (List[str]) – A list of PEM extensions to match (defaults to .cer, .der, .crt, .pem)

  • ibmcms_extensions (List[str]) – A list of IBM CMS extensions to match (defaults to .kdb)

  • jks_jceks_extensions (List[str]) – A list of JKS/JCKES(java) extensions to match (defaults to .jck, .jceks, .jks, cacerts)

  • iplanet_extensions (List[str]) – A list of iPlanet(Berkeley/NSS) extensions to match (defaults to .db)

  • exclude_recursive_paths (List[str]) – A list of file paths to exclude (recursively) from discovery

  • exclude_non_recursive_paths (List[str]) – A list of file paths to exclude from discovery

  • exclude_file_patterns (List[str]) – A list of file patterns to exclude from discovery

  • scan_mounted_file_systems (bool) – Scan file systems mounted via NFS/CIFS/NTFS junction points (defaults to False)

  • log_threshold (str) – set the logging level (defaults to INFO)

  • attributes (dict) – Additional attributes to apply to the object.

  • get_if_already_exists (bool) – If the objects already exists, just return it as is.

Returns

Config Object of the client work.

delete(work)

Deletes the client work.

Parameters

work (Union[config.Object, str]) – Config Object or name of the client work.

disable(work)

Disables the client work.

Parameters

work (Union[config.Object, str]) – Config Object or name of the client work.

enable(work)

Enables the client work.

Parameters

work (Union[config.Object, str]) – Config Object or name of the client work.

get(name, raise_error_if_not_exists=True)
Parameters

  • name (str) – The name of the client work.

  • raise_error_if_not_exists (bool) – Raise an exception if the client work does not exist.

Returns

Config Object of the client work.

list()

Lists all client work.

Returns

List of Config Object of all client work.

schedule(work, start_time=None, daily=False, hourly=False, on_receipt=False, days_of_week=None, days_of_month=None, randomize_minutes=0, full_scan=False)

Note

Only one of daily, hourly, on_receipt, days_of_week or days_of_month can be set. Schedules the Certificate Discovery work to run.

Parameters

  • work (Union[config.Object, str]) – Config Object or name of the client work.

  • start_time (int) – The 24-hour UTC hour format (i.e. 20 = 8PM UTC) for the job to start.

  • daily (bool) – Runs the client work daily

  • hourly (bool) – Runs the client work hourly

  • on_receipt (bool) – Runs the client work on_receipt

  • days_of_week (List[str]) – Runs the client work on specific days of the week. It is a Zero-based index of the days of the week (i.e. Sunday = ‘0’).

  • days_of_month (List[str]) – Runs the client work on specific days of the month.

  • randomize_minutes (int) – Randomize the given minutes for agent to send data back to the server

  • full_scan (bool) – Reset the cache and perform a full scan (resend all the data to the server)

unschedule(work)

Removes any scheduling for the client work, but does not delete the client work.

Parameters

work (Union[config.Object, str]) – Config Object or name of the client work.