We have already written about Reblaze technology in one of the previous posts, now we are diving deeper into it. In this post, we wanted to talk about how to use Reblaze REST API and how you can utilize its security mechanisms to protect your websites and apps.
We will be executing all of our commands in Bash under Linux using curl, and we will be going over all the basic API operations we can execute on your already running ‘Reblazed’ website.
The parameter $HOST refers to the FQDN of your website, while the $KEY refers to your API key.
Site operations
List all the sites that we can access throughout the management console:
curl -s -XGET https://$HOST/api/$KEY/sites/list
Create a new site:
curl -XPOST https://$HOST/api/$KEY/sites/create --data-urlencode 'domains=site1.com,site2.com'
Remove Site:
curl -s -XGET https://$HOST/api/$KEY/sites/list
List the upstream settings of a site:
curl https://$HOST/api/$KEY/sites/listupstream?canonicalname=www.example.com
Set upstream settings of a site:
- Change the JSON parameters as you need:
one_line_json='[
{
"http_port": "80",
"https_port": "443",
"weight": "1",
"fail_timeout": "10s",
"monitor_state": "0",
"down": false,
"host": "1.2.3.4",
"max_fails": "1",
"backup": false
},
{
"http_port": "80",
"https_port": "443",
"weight": "1",
"fail_timeout": "10s",
"monitor_state": "0",
"down": false,
"host": "4.3.2.1",
"max_fails": "1",
"backup": false
}
]'
- Encode the set JSON with base64:
one_line_json_base64=$( echo $one_line_json | base64 )
- Finally execute the command to set the upstream:
curl https://$HOST/api/$KEY/sites/setupstream --data "back_hosts=$one_line_json_base64&canonicalname=www.example.com"
Domain operations
Get all the domains that a site supports:
curl https://$HOST/api/$KEY/sites/getnames?canonicalname=src.example.com
Set the list of domains that a site supports, up to 100 domains per site:
curl https://$HOST/api/$KEY/sites/setnames --data "canonicalname=src.example.com&names=www.example.com,www2.example.com"
Certificate operations
You can manipulate certificates through the API as shown below. The certificates themselves will be uploaded and stored into Reblaze’s cloud, or a cloud load balancer.
Add Certificate to SSL Management:
curl $API_URL$API_ADD --data-urlencode "cert_body=$SSL_CRT" --data-urlencode "private_key=$SSL_KEY" | awk '{print $4}' | cut -d '"' -f2
Attach a domain to an SSL certificate:
curl $API_URL$API_ATTACH --data "canonicalname=$CANONICAL_NAME&sslid=$CERT_ID"
Remove an attached domain from the SSL certificate:
curl $API_URL$API_DETACH --data "canonicalname=$CANONICAL_NAME"
Replace a certificate with another on a passed list of sites and all load balancers:
curl -XPOST https://$HOST/api/$KEY/ssl/replace --data-urlencode 'new_cert_id=NEW_CERT_ID' --data-urlencode 'old_cert_id=OLD_CERT_ID' --data-urlencode 'sites=site1.com,site2.com'
That is it with basic usage of the Reblaze API. Keep up with our tech stuff and feel free to reach out with any ideas you might have for us.