Actions20
- Configuration Actions
- System Actions
- Image Actions
- Generate Actions
- Config File Actions
Overview
The node interacts with a VyOS router via its HTTP API, specifically focusing on generating cryptographic materials such as certificates. The "Generate" resource with the "Certificate" operation allows users to create X.509 certificates signed by a certificate authority (CA). This is useful in scenarios where secure communication is needed, for example, setting up TLS for network devices or services managed by VyOS.
Practical examples include:
- Generating server certificates for VPN or HTTPS services running on VyOS.
- Creating client certificates for authentication purposes.
- Automating certificate creation as part of infrastructure provisioning workflows.
Properties
| Name | Meaning |
|---|---|
| CA Name | Name identifier for the certificate authority that will sign the generated certificate. |
| Certificate Name | Name identifier for the certificate being generated. |
| Additional Fields | Collection of optional parameters: |
| - Key Size | Size of the key in bits. Options: 1024, 2048, 4096. |
| - Subject | Distinguished Name string defining the certificate subject, e.g., CN=example.com,O=Org. |
| - Validity Days | Number of days the certificate will be valid. |
| - Format Output | Boolean flag indicating whether the output should be formatted for better readability. |
Output
The node outputs JSON data representing the generated certificate details. This typically includes the certificate itself and possibly related metadata such as the private key or certificate authority information. If binary data is involved (e.g., PEM encoded certificates), it is represented within the JSON structure accordingly.
Dependencies
- Requires access to a VyOS router configured with its HTTP API enabled.
- An API authentication token or credential must be provided to authenticate requests.
- No additional external services are required beyond the VyOS API.
Troubleshooting
- Common issues:
- Authentication failures due to incorrect or missing API credentials.
- Invalid certificate subject format causing generation errors.
- Unsupported key sizes or types leading to request rejection.
- Error messages:
- Errors related to connectivity or SSL validation may occur if the VyOS host is unreachable or has invalid certificates; ensure correct host and SSL settings.
- Validation errors from the API when required fields are missing or malformed; verify all mandatory properties are correctly set.
- Resolutions:
- Double-check API credentials and host configuration.
- Validate the subject string format against X.509 standards.
- Use supported key sizes and types as per the node's options.