Get-Certificates-A10

1.0.0

Get-Certificates-A10.ps1

                                <#PSScriptInfo

.VERSION 1.0.0

.GUID 8e38f4d8-70a4-479e-90d9-8e87fe160c09

.AUTHOR Felipe Fuentes Milosavljevic - ffuentes3003@gmail.com

.COMPANYNAME Felipe Fuentes

.COPYRIGHT (c) 2020 Felipe Fuentes. All rights reserved.

.TAGS Certificate, A10, Axapi/v3

#>

<#

.DESCRIPTION

 Get Certificates From A10 Network Api V3

#> 

Add-Type @"

    using System;

    using System.Net;

    using System.Net.Security;

    using System.Security.Cryptography.X509Certificates;

    public class ServerCertificateValidationCallback

    {

        public static void Ignore()

        {

            ServicePointManager.ServerCertificateValidationCallback +=

                delegate

                (

                    Object obj,

                    X509Certificate certificate,

                    X509Chain chain,

                    SslPolicyErrors errors

                )

                {

                    return true;

                };

        }

    }

"@

[ServerCertificateValidationCallback]::Ignore();

#force TLS1.2 (necessary for the management interface)

[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]::Tls12;

#$CredA10 = Get-Credential -Message "Enter Credential For A10"

$username = Read-Host -Prompt "Enter UserName for A10"

$password = Read-Host -Prompt "Enter Password For $username"

$device = "IP A10" #Change This For IP A10

$prefix = "https:" #Prefix Https

$base = "axapi/v3" #Base Uri

$apiauth = "axapi/v3/auth" #Uri Authenticate API

$apicert = "axapi/v3/slb/ssl-cert/oper" #Uri Get Certificates

#Credential Json

$jsoncreds = @"

{"credentials": {"username": "$username", "password": "$password"}}

"@

#Obtain Token Connection

$request = Invoke-RestMethod -Method Post -Uri "$prefix//$device/$apiauth" -Body $jsoncreds -ContentType application/json -ErrorVariable lostconnection | Select -ExpandProperty authresponse

$signature = $request.Signature

#Header

$head = @{ Authorization= "A10 $signature" }

#Validation Credentials

if($lostconnection -match ":403"){

    Write-Host "Usuario o Password Incorrecto"

}

else{

    #Obtain SSL 

    $slb = Invoke-RestMethod -Uri "$prefix//$device/$apicert" -Method Default -Headers $head -ContentType application/json | Select -ExpandProperty ssl-cert

    #Search SSL Not Expire

    $certs = $slb.oper.'ssl-certs' | Where-Object {$_.status -match "Unexpired"} |  Select Name,Type,notbefore,notafter,common-name,status

    #Read All Certs

    foreach($read in $certs){

        $read

    }

}