No Matches Found!
Try with a different search term
No Matches Found!
Try with a different search term
There's a new home for Articles. Find Articles on Our Product Support Page.
Hello, I am using the REST API to create a Certificate Authority in MobiControl. I have successfully called the APIs to create the CA (adcsHttps), add the root certificate (adcsRootCertificate) and add the template information (certificateTemplates). The final piece to complete this for me is to add the enrollment certificate to the CA. This is done using adcsEnrollmentCertificate. I have followed the documentation and formatted the request exactly as required, however I keep receiving an Internal Server Error (500). Can anyone offer me some advice on how to debug this? I have made sure the certificate pfx file does not contain and certificate chains (this is a requirement). And the Certificate Authority created in MobiControl from this script will allow me to manually load the enrollment certificate pfx after the script is run (so I'm pretty confident its not the format of the PFX file). Here is a snippet of my code (Powershell): $EnrollmentCertificatePath = "C:\Test\enrollment.pfx" $RootCertificatePath = "C:\Test\rootca.der" $EOL = "`r`n" # # Create Certificate Authority # $AuthHeader = @{} $AuthHeader["Authorization"] = "Bearer <AuthToken>" try { $CreateCABody = @{} $CreateCABody["ReferenceId"]=$null $CreateCABody["Name"]="MY NEW CA" $CreateCABody["CertificationAuthorityType"]="AdcsPkiHttps" $CreateCABody["PolicyServiceUrl"]="https://cesserver.com/ADPolicyProvider_CEP_UsernamePassword/service.svc/CEP" $CreateCABody["EnrolmentServiceUrl"]="https://cesserver.com/CESSERVER_CES_UsernamePassword/service.svc/CES" $CreateCABody["RootCertificateInfo"]=$null $CreateCABody["EnrolmentCertificateInfo"]=$null $CreateCABody["AuthenticationType"]="UserNamePassword" $CreateCABody["CertificateInfo"]=$null $CreateCABody["UserName"]="cesuser" $CreateCABody["Password"]="password" $CreateCABody["CloudLinkAgentName"]=$null $CreateCABodyJson = $CreateCABody | ConvertTo-Json $adcsHttps = "https://mobicontrol-server/MobiControl/api/certificateManagement/certificationAuthorities/adcsHttps" $result = Invoke-restmethod -Uri $adcsHttps -ContentType "application/json" -Method POST -Headers $AuthHeader -body $CreateCABodyJson $ReferenceId = $result.ReferenceId Write-Host "Success: New CA created - Reference ID: $ReferenceId" } catch { $_.Exception.Message exit -2 } # # Set the root CA certificate for the new CA # $Base64EncodedRootCaFile = [Convert]::ToBase64String([IO.File]::ReadAllBytes($RootCertificatePath)) Write-Host "Extracted root CA file contents (base64) - Reference ID: $Base64EncodedRootCaFile" $CerFilename = 'rootca.cer' $AdcsRootCertBody = $EOL + "--mc_boundary" + $EOL $AdcsRootCertBody += "Content-Type: application/pkix-cert+json" + $EOL $AdcsRootCertBody += "{ `"filename`": `"" + $CerFilename + "`" }" + $EOL + $EOL + $EOL $AdcsRootCertBody += "--mc_boundary" + $EOL $AdcsRootCertBody += "Content-Type: application/pkix-cert" + $EOL $AdcsRootCertBody += "Content-Transfer-Encoding: base64" + $EOL $AdcsRootCertBody += "Content-Disposition: attachment; filename=`"" + $CerFilename + "`"" + $EOL + $EOL $AdcsRootCertBody += $Base64EncodedRootCaFile + $EOL + $EOL + $EOL $AdcsRootCertBody = $AdcsRootCertBody + "--mc_boundary--" + $EOL try { Write-Host "Body for AdcsRootCert is:" Write-Host $AdcsRootCertBody Write-Host "..." $adcsRootCertificate = "https://mobicontrol-server/MobiControl/api/certificateManagement/certificationAuthorities/$ReferenceId/adcsRootCertificate" $result = Invoke-restmethod -Uri $adcsRootCertificate -ContentType "multipart/related; boundary=mc_boundary" -Method POST -Headers $AuthHeader -body $AdcsRootCertBody Write-Host "Success!" } catch { $_.Exception.Message exit -3 } try { $TemplateBody = @{} $TemplateBody["Name"]="User Template" $TemplateBody["CertificationAuthorityReferenceId"]="$ReferenceId" $TemplateBody["CertificationAuthorityTemplateName"]="UserTemplate" $TemplateBody["CertificateTarget"]="Device" $TemplateBody["SubjectTemplate"]="CN=test" $TemplateBody["AlternativeSubjectTemplate"]=$null $TemplateBody["KeySize"]=2048 $TemplateBody["ShouldRemoveAfterRenewal"]=$true $TemplateBody["UseAutoRenewal"]=$true $TemplateBody["NumberOfDaysForAutoRenewal"]=60 $TemplateBody["PreservePrivateKey"]=$true $TemplateBody["Disabled"]=$false $TemplateBody["PublishToLdap"]=$false $TemplateBody["KeyProtection"]="Protected" $TemplateBody["HashAlgorithm"]="Sha1" $TemplateBody["ValuePeriod"]="Days" $TemplateBody["ValuePeriodUnits"]=0 $TemplateBody["RequireUserAuthentication"]=$false $TemplateBodyJson = $TemplateBody | ConvertTo-Json $certificateTemplates = "https://mobicontrol-server/MobiControl/api/certificateManagement/certificationAuthorities/$ReferenceId/certificateTemplates" $result = Invoke-restmethod -Uri $certificateTemplates -ContentType "application/json" -Method POST -Headers $AuthHeader -body $TemplateBodyJson } catch { $_.Exception.Message exit -5 } # # Set the enrollment certificate for the new CA # $Base64EncodedEnrollmentCertFile = [Convert]::ToBase64String([IO.File]::ReadAllBytes($EnrollmentCertificatePath)) $AdcsEnrollmentCertificateBody = "--mc_boundary" + $EOL $AdcsEnrollmentCertificateBody += "Content-Type: application/x-pkcs12.metadata+json" + $EOL $AdcsEnrollmentCertificateBody += "{`"filename`": `"enrollment.pfx`", `"password`": `"mypassword`"}" + $EOL + $EOL + $EOL $AdcsEnrollmentCertificateBody += "--mc_boundary" + $EOL $AdcsEnrollmentCertificateBody += "Content-Type: application/x-pkcs12" + $EOL $AdcsEnrollmentCertificateBody += "Content-Transfer-Encoding: base64" + $EOL $AdcsEnrollmentCertificateBody += "Content-Disposition: attachment; filename=`"enrollment.pfx`"" + $EOL $AdcsEnrollmentCertificateBody += $Base64EncodedEnrollmentCertFile + $EOL + $EOL + $EOL $AdcsEnrollmentCertificateBody += "--mc_boundary--" try { Write-Host "Body for adcsEnrollmentCertificate is:" Write-Host $AdcsEnrollmentCertificateBody Write-Host "..." $adcsEnrollmentCertificate = "https://mobicontrol-server/MobiControl/api/certificateManagement/certificationAuthorities/$ReferenceId/adcsEnrollmentCertificate" Write-Host "Posting: $adcsEnrollmentCertificate" $result = Invoke-restmethod -Uri $adcsEnrollmentCertificate -ContentType "multipart/related; boundary=mc_boundary" -Method POST -Headers $AuthHeader -body $AdcsEnrollmentCertificateBody Write-Host "Success!" } catch { # THIS IS WHERE WE END UP WITH AN INTERNAL SERVER ERROR (500) Write-Host "Failed to import the PFX file. Ensure the password is correct and that the PFX file does NOT contain CA certificates" $_.Exception } Thanks! Andy
Hello, I currently use the REST API to get certain stats from my devices. I would now like to get the expiry date on my support licenses, i will have this automatically checked by my network monitoring system. In the API doco (https://servername/MobiControl/api) i can see reference to a model called "LicenseInfo" containing "DaysToExpiry" How can access this info? what "get" request gets this info? Thanks Andrew
Top-tier experts who are delivering outstanding content. Should have more than 7000 points.
Experts who are consistent with great content. Should have more than 1000 points
Highly experienced members with valuable inputs. Should have more than 700 points
Beginners taking the initiative. Should have more than 500 points
