This KB article provides steps on how to use the WebSDK to export and import HTML email templates from/to Secret Store. This can be useful when attempting to replicate configuration from a Dev environment to Prod.
Background
After planning your TPP configuration in your Dev environment, it is often desirable to import the configuration from Dev to QA and/or Prod. Schematool is a great tool for exporting the contents of Config (e.g., the Policy tree and other trees) from Dev and subsequently importing the contents into QA and/or Prod. However, Schematool doesn’t make a copy of HTML email contents so they have to be copied or recreated by hand. The reason that Schematool doesn’t make copies is because HTML email templates are stored in Secret Store—and Schematool only copies information from Config. Fortunately, the WebSDK can be used to export and import the HTML email templates for each SMTP channel object.
Exporting and Importing HTML Content
- Exporting/Importing SMTP Channel Objects: The first step in moving HTML emails from Dev to Prod is the use Schematool to export the Log SMTP channel objects in Config from your Dev environment and them import them into your QA and/or Prod environment.
Using Schematool to export multiple channel objects directly under Channels:
schematool admin export= htmlchannel.xml start=\VED\Logging\Channels recursive
Using Schematool to export single channel object:
schematool admin export= htmlchannel.xml start=\VED\Logging\Channels\ ExpiringCertEmail
Using Schematool to import:
schematool admin htmlchannel.xml
- List of SMTP Channels with HTML Content: Compile list of SMTP Channels in Dev that contain HTML contents to export. If you don’t have the list compiled manually, you can use Config/FindObjectsOfClass to retrieve all of the SMTP-based channels (object type of “Log SMTP”). The following example shows the JSON request used to retrieve a list of Log SMTP objects directly under \VED\Logging\Channels and the response that is returned from TPP. This example does not search recursively to avoid returning all of the default channel templates. If you’ve created subfolders under the Channels folder, you can turn on Recursive and filter out the default channel templates in your code or run FindObjectsOfClass on each subfolder explicitly.
POST https://172.16.1.100/vedsdk/config/findobjectsofclass HTTP/1.1 {"ObjectDN": "\\VED\\Logging\\Channels", "Class": "Log SMTP", "Recursive": 0}
HTTP/1.1 200 OK
{ "Objects":[ { "AbsoluteGUID":"{da0ec6e0-2eef-4a3d-a413-76102b309fd3}{d785da87-37b6-4c2c-bea9-21843801194e}{a5ebdac8-60d5-4fde-a99e-eddd4f74997f}{4acab694-8847-4e4b-aabe-0371c0d20914}", "DN":"\\VED\\Logging\\Channels\\ExpiringCertEmail", "GUID":"{4acab694-8847-4e4b-aabe-0371c0d20914}", "Id":1368, "Name":"ExpiringCertEmail", "Parent":"\\VED\\Logging\\Channels", "Revision":635842981567431643, "TypeName":"Log SMTP" } ], "Result":1 }
|
- Using the DN, retrieve the Secret Store VaultID of the HTML contents associated with each returned channel object. The VaultID is stored in an attribute named “Template Vault Id”.
POST https://172.16.1.100/vedsdk/config/read HTTP/1.1
{ "ObjectDN": "\\VED\\Logging\\Channels\\ExpiringCertEmail", "AttributeName": "Template Vault Id" }
HTTP/1.1 200 OK
{ "Result":1, "Values":[ "1194" ] } |
- Using the VaultID returned in Values, retrieve the HTML contents of each vault entry. The HTML email template for each channel is retrieved using /SecretStore/Retrieve and returned in Base64 format in the “Base64Data” key/value pair.
POST https://172.16.1.100/vedsdk/secretstore/retrieve HTTP/1.1
{ "VaultID": 1194 }
HTTP/1.1 200 OK
{ "Base64Data":"PEJPRFkgc2Nyb2xsPWF1dG8+PFA+SnVzdCB0ZXN0aW5nIHRoZSBIVE1MIG1lc3NhZ2U8L1A+CjxQPiJxdW90ZXMiLCAiYW5kIGNvbW1hcyI8L1A+CjxQPkFub3RoZXIgdGVzdDwvUD4KPFAgYWxpZ249Y2VudGVyPkNlbnRlcmVkPC9QPgo8UD48VT53aXRoIHVuZGVybGluZXM8L1U+PC9QPgo8UD4mbmJzcDs8L1A+CjxQPiZuYnNwOzwvUD48L0JPRFk+", "Result":0, "VaultType":1024 }
|
- Store the name of the channel and the HTML email template (e.g., in a file). The HTML email template can be left in Base64 format since it will be imported in that format.
- Before starting to import the HTML email templates, make sure that a Log SMTP object with the desired name exists (either using Schematool to create the object as described above, manually creating the object via the WebAdmin UI, or using the WebSDK APIs) for each SMTP object to be restored.
- Import the HTML contents into Secret Store using /SecretStore/Add. It is important to assign the owner to the DN of the correct SMTP channel (created in step 6). This ensures that correct permissions are set so that the HTML email template in Secret Store is accessible from the SMTP channel. The VaultID for the new entry created with the HTML email template is returned.
POST https://172.16.1.100/vedsdk/secretstore/add HTTP/1.1
{ "VaultType": 1024, "Keyname": "Null:Null", "Base64Data": "PEJPRFkgc2Nyb2xsPWF1dG8+PFA+SnVzdCB0ZXN0aW5nIHRoZSBIVE1MIG1lc3NhZ2U8L1A+CjxQPiJxdW90ZXMiLCAiYW5kIGNvbW1hcyI8L1A+CjxQPkFub3RoZXIgdGVzdDwvUD4KPFAgYWxpZ249Y2VudGVyPkNlbnRlcmVkPC9QPgo8UD48VT53aXRoIHVuZGVybGluZXM8L1U+PC9QPgo8UD4mbmJzcDs8L1A+CjxQPiZuYnNwOzwvUD48L0JPRFk+", "Namespace": "config", "Owner": "\\VED\\Logging\\Channels\\HTMLTest" }
HTTP/1.1 200 OK
{ "Result":0, "VaultID":1195 } |
- The final step is to associate the SMTP channel to the Secret Store vault entry that contains the HTML content. This is done using the Config/Write API to set the Template Vault Id attribute using the VaultID returned from /SecretStore/Add in the previous step.
POST https://172.16.1.100/vedsdk/config/write HTTP/1.1
{ "ObjectDN": "\\VED\\Logging\\Channels\\HTMLTest", "AttributeName": "Template Vault Id", "Values": [ "1195" ] }
HTTP/1.1 200 OK
{ "Result":1 } |
- Use WinAdmin to verify that each SMTP channel with an HTML email template has the correct content.
Comments