Using Cyberark to retrieve passwords for the database for data source loads

GeoThomas
Tera Contributor

‎10-30-2024 01:47 PM

I am trying to integrate my ServiceNow Instance and Cyberark. I have created a safe in Cyberark and I am able to curl the CyberArk to get my credentails in response. 

curl -sv --location --request GET --http1.1 'https://<myCberArkInstance>/AIMWebService/api/Accounts?AppID=<my_app>&Safe=<my_safe>&UserName=<my_username>' --cert <myCert>.pem --key <myKey> --header 'Content-Type: application/json'

My plan is to use this in a scripted rest method and get the response and then use that for the data load. But the problem here is how to pass the certificate when using this in the service now portal since the certificate is in the midserver.

 

Is there any better aproach than this? I was also reading about the cyberark credential plugin and use that credential, but could not find the right plugin name to request it.

0 Helpfuls
  • 986 Views
4 REPLIES 4

Sohail Khilji
Kilo Patron
Kilo Patron

‎10-30-2024 02:00 PM

Hi @GeoThomas ,

 


Since your certificate is on the MID Server, you can leverage it to handle secure communications. Configure the ServiceNow MID Server to use the certificate when making outbound requests.

 
Scripted REST API >
You can create a Scripted REST API in ServiceNow that triggers a script on the MID Server


In your script, you can utilize the HttpClient class to make the request to CyberArk while specifying the certificate stored on the MID Server.

 

 


☑️ Please mark responses as HELPFUL or ACCEPT SOLUTION to assist future users in finding the right solution....

LinkedIn - Lets Connect

0 Helpfuls

GeoThomas
Tera Contributor
In response to Sohail Khilji

‎10-30-2024 02:03 PM

Thank you for the response. Would you have an example snippet to share with me. I am confused on how to pass the certificate path. 

0 Helpfuls

Sohail Khilji
Kilo Patron
Kilo Patron
In response to GeoThomas

‎10-30-2024 02:07 PM

On the mid server path , there may be a file were the certificate file path has to be specified.

 

Eg:mid.client.certificate=<path_to_your_cert.pem>
mid.client.key=<path_to_your_key.pem>

 

Make sure to restart the mid server to apply property changes and the your scripted REST api will do the magic when you use > client.setMIDServer('<your_midserver_name>');

 

I hope this helps.,..


☑️ Please mark responses as HELPFUL or ACCEPT SOLUTION to assist future users in finding the right solution....

LinkedIn - Lets Connect

0 Helpfuls

GeoThomas
Tera Contributor
In response to Sohail Khilji

‎10-30-2024 02:23 PM

Eg:mid.client.certificate=<path_to_your_cert.pem>
mid.client.key=<path_to_your_key.pem>

 

Are these to be set in the mid server config file?

0 Helpfuls