Announcing Akamai CLI for the Akamai Certificate Provisioning System (CPS)

by Vreddhi Bhat
351

The Akamai Certificate Provisioning System (CPS) provides full life cycle management of SSL certificates on the Akamai platform. From requesting new certificates to modifying or renewing existing ones to managing TLS ciphers and other extra settings, CPS is a vital component for setting up secure traffic through Akamai. While the Akamai Luna Control Center portal and existing CPS APIs have been the traditional way of managing SSL certificates, we are now pleased to announce Akamai CLI for CPS as another option to fit into your workflow.

Like other CLI packages, it’s available through a simple $ akamai install cps once you have Akamai CLI installed.  If you don’t yet have Akamai CLI installed, first follow the installation instructions here (available for macOS, Linux, and Windows).

After installation, ensure the API credentials have the CPS and Contracts API grant/permissions (the Contracts API grant makes it seamless so you don’t need to remember every contract ID).  Run the one-time setup command you’re ready to roll:

$ akamai cps setup

From there, you have a variety of commands which can you help you retrieve current enrollments, current deployed certs on both production and staging, change status, and audit capabilities.  You’ll also have the ability to create or modify enrollments using the raw JSON format or YAML (see sample template YAML files for the relevant fields you can fill in).

The available CLI commands are below (see the Github repository for full details):

list – See a list of all current enrollments you have access to

retrieve-enrollment – Retrieve full enrollment details in either JSON or YAML format to audit or modify as needed

retrieve-deployed – Retrieve leaf/chain bundles or other deployment information from the production or staging network

audit – Generate a full audit report in either xlsx, csv, or JSON format

status – See details of pending changes  (NOTE: change-status details are only there for Let’s Encrypt DV SAN with DNS or HTTP tokens.  Stay tuned for third-party and other certificate type change workflows coming soon.)

create – Create a new enrollment from either a JSON or YAML file

update – Update an enrollment from either a JSON or YAML file

cancel – Cancel an existing enrollment if not already deployed on the Akamai platform

Please try out the new Akamai CLI for CPS and let us know what you think by adding your comments in Github. As always, we welcome your feedback!

Vreddhi Bhat is a senior solutions architect at Akamai Technologies.

Categories: CLI

Suggested Article