Every time I need to use ziti cli, I would have to do “ziti edge login …” with username and password. And after successful login i see a file - ${ZITI_HOME}/ziti-cli.json with following content -
{
"edgeIdentities": {
"default": {
"url": "https://${ZITI_CTRL_ADVERTISED_ADDRESS}/edge/management/v1",
"username": "xxxx",
"token": "xxxx-xxx-xxx-xxxx",
"loginTime": "2022-08-22T19:52:07-07:00",
"caCert": "${INTERNAL_CA}",
"readOnly": false
}
},
"fabricIdentities": {},
"default": "default"
}
I have registered my internal CA with the controller and successfully verified it. I am able to enroll identities with x509 certificate provided by my CA.
My question is say I have a x509 certificate for myself from my CA ( with CN=myname ), how can I use that to enroll myself as an identity ( assuming it will be of type user ) with openziti?
And how can I use that identity to be able to run ziti cli commands without having to do ziti edge login periodically? i.e. I would like to not use the default admin user but my x509 identity as the admin.
cc: @TheLumberjack
TIA