!!! credhub

[{TableOfContents}]

What runs op the director (pcf 1.11):

!! Resources

* [credhub|https://github.com/cloudfoundry-incubator/credhub]
* [credhub bosh release|https://github.com/pivotal-cf/credhub-release]
* [credhub bosh release docs! | https://github.com/pivotal-cf/credhub-release/tree/master/docs]
* [credhub api and cli ref|https://credhub-api.cfapps.io]
* [pcf 1.12 and credhub|https://docs.pivotal.io/tiledev/1-12/credhub.html]
* [Setting Up and Deploying CredHub with BOSH|https://docs.cloudfoundry.org/credhub/setup-credhub-bosh.html]
* [Using CredHub to Increase the Security of Your Platform - Dan Jahner, Pivotal|https://youtu.be/UHqKLEEZH3s]
* [YouTube "CredHub and Secure Credential Management - Peter Blum, Scott Frederick"|https://youtu.be/gQnM_PIMuE8]


{{{
/:~# ps -ef|grep -i credh
vcap      35083      1  0 Jan26 ?        00:05:10 java -Dspring.profiles.active=prod -Dspring.config.location=/var/vcap/jobs/credhub/config/application.yml -Dlog4j.configurationFile=/var/vcap/jobs/credhub/config/log4j2.properties -Djava.security.egd=file:/dev/urandom -Djava.io.tmpdir=/var/vcap/jobs/credhub/tmp -ea -jar credhub.jar
....
}}}

This listens on port 8844.\\
There is an interesting config file @ {{/var/vcap/jobs/credhub/config/application.yml}}\\
Logging is @ {{/var/vcap/sys/log/credhub/credhub.log}}

! Setting the target__
{{{
metskeh@admin-d01we-cis:~$ ./credhub api --skip-tls-validation --server 10.253.6.11:8844
Warning: The targeted TLS certificate has not been verified for this connection.
Warning: The --skip-tls-validation flag is deprecated. Please use --ca-cert instead.
Setting the target url: https://10.253.6.11:8844
}}}

! Getting info and health

{{{
metskeh@admin-d01we-cis:~$ curl -k --silent https://10.253.6.11:8844/info | jq
{
  "auth-server": {
    "url": "https://10.253.6.11:8443"
  },
  "app": {
    "name": "CredHub",
    "version": "1.0.8"
  }
}
}}}

{{{
metskeh@admin-d01we-cis:~$ curl -k --silent https://10.253.6.11:8844/health | jq
{
  "status": "UP"
}
}}}