This topic provides the instructions for connecting to and talking directly with CredHub. You might want to do this to retrieve credentials created by a service broker.
-
SSH into the Ops Manager VM. This VM should already include the CredHub CLI.
-
Create two host entries in
/etc/hosts. One for CredHub server and one for UAA. This is required because the CredHub API will use DNS names for some redirect and cert verifications./etc/hosts: <TAS CredHub VM IP> credhub.service.cf.internal <TAS UAA VM IP> uaa.service.cf.internal -
Set CredHub CLI API endpoint to include
root_ca_certificate:credhub api --server credhub.service.cf.internal:8844 --ca-cert /var/tempest/workspaces/default/root_ca_certificate Setting the target url: https://credhub.service.cf.internal:8844 -
Get the CredHub Admin Client Credentials from Operations Manager, then TAS, then the Credentials tab.
-
Login using CredHub Admin Client Credentials:
credhub login --client-name=credhub_admin_client --client-secret=<secret> Login Successful
