1 Reply Latest reply on Oct 10, 2011 2:23 PM by cgrim

    MVM Open API SDK

      Hi,

       

      I am trying to automate some of the MVM functions via PERL using the OPEN API SDK.  So far I have done the following:

       

      Set up PERL and install all the requierd packeges described in the OPEN API SDK PDF file.

      Ensure that SOAP Lite is installed.

      Generate the certificate for the scripting server from the API server using the MVM Cert Manager version 7.0

      Transport the certs to the scripting server under the Certificates folder in the SDK folder.

      Place the IniFiles.pm in the C:\Perl\5.10.0.1004\site\lib directory.

      Update the sconfig file with proper details such as following:

       

      [default]

      ; sample: https://192.168.2.25
      ;host=https://172.23.13.10
      ;host=https://172.23.13.235
      host=https://10.54.225.24
      port=3800

      org=McAfee
      ;username=Administrator
      username=shchirag

      ; password is case sensitive
      password=***** (Where **** is the actual password, not displayed in this forum for obvious reasons)


      WHAMdomain=Intranet
      WHAMuser=shchirag
      WHAMpassword=***** (Where **** is the actual password, not displayed in this forum for obvious reasons)

      ; for Web application scans
      WebAppUrl=http://warrior.foundstone.com
      WebAppUrlUser=DummyWebAppUrlUser
      WebAppUrlPassword=DummyWebAppUrlPassword

      ; sample EngineID=edfb854b-c6eb-48fc-8477-c791261e2869
      ;EngineID=12345678-90ab-cdef-1234-123456789012
      EngineID=DE095682-8884-45C8-85FA-D2096F3E47CF

      ;local_ip=172.23.15.148
      ;local_ip=172.23.13.235
      local_ip=10.54.224.105
      portal_name=barcap-dev
      debug=1

      [custom]
      vulns=1

       

      Update the Engine.pm file to reflect the following:

       

      $ENV{HTTPS_CERT_FILE} = 'C:/MVMSDK/Certificates/FoundstoneClientCertificate.pem';

      $ENV{HTTPS_KEY_FILE} = 'C:/MVMSDK/Certificates/FoundstoneClientCertificate.pem';

      # If the passphrase is removed from the private key certificate file, then assign the key certificate file,

      # instead ofCustomPortal.pem file.

      #$ENV{HTTPS_KEY_FILE} = 'C:/MVMSDK/Certificates/FoundstoneCAPublicCertificate.pem';

      $ENV{HTTPS_CA_FILE} = 'C:/MVMSDK/Certificates/FoundstoneCAPublicCertificate.pem';

      # A passphrase generated by the Foundstone Certificate Management Tool. The passphrase shown below should be

      # replaced with a newly generated one. Shown below is one example. An actual passphrase should be entered instead of 'AJ+TCQaSw4v5j3SI6QofQA=='.

      $ENV{HTTPS_CERT_PASS} = 'y27foDONaHyw6dts7aHeZQ==';

       

      Ensure that engine.pm file is properly placed in the C:\Perl\5.10.0.1004\site\lib\SOAP directory.

       

      PROBLEM:

       

      When I run the create_activate_delete_scan.pl, perl script I get to the UserLogin passphrase prompt and when I enter the passphrase, I get the following error:

       

      *********************

      C:\MVMSDK\Samples\Perl>perl create_activate_delete_scan.pl

      Before calling UserLogin API

      Enter PEM pass phrase:
      500 configure certs failed: failed to load C:/MVMSDK/Certificates/FoundstoneClientCertificate.pem:  at C:\Perl\5.10.0.1004\site\lib/SOAP/Engine.pm line 197

      *********************

       

      Any idea of what's happening here?  I have regenerate the certs at least a few times and used their corresponding passphrases as well.  I also tried typing the phassphrase instead of copying and pasting it when prompted.

       

      Any help would be greatly appreciated.