Solved: RUCKUS Forums - Re: Unleashed API - Page 6

ms · ‎02-04-2022

Is there published or unpublished API for Unleashed?

I'm looking for the MACs from cli command "show current-active-clients all".

mmMOLINARI · ‎02-08-2022

Totally agree. I just created a new repo on GitHub and added the Unleashed postman collection: https://github.com/commscope-ruckus/RUCKUS-Unleashed

You start with the call to login using the unleashed credentials, then retrieve a CSRF token, and use it in the header for subsequent calls.

View solution in original post

MrOfTheObvious · ‎12-29-2025

I did get ACME working from the IPA end, but something seemed to go wrong w the upload/apply commands that I am unable to effectively diagnose.

The acme.sh script is fine work, but has got a lot of extra stuff in it that's not specific to my use case, so I don't believe I should be applying it to my situation. I have the same issue with the Unleashed Go library - I don't want to bundle in a Go binary just so that I can talk to the AP effectively.

Manually uploading my generated cert bundle via Unleashed web UI seems to work, so I don't think it's an issue with the cert bundle I've generated.

A simpler approach is only uploading the CA. All I really need is for the AP to open a connection to a RADIUS server-over-TLS, and the rest is handled by RADIUS. This works manually just fine, but I'm trying to automate away as much of these manual steps as I'm able.

Once again, uploading manually via unleashed UI? no problem.

Running

curl -k -b /tmp/tmp.zzzzzzzzzz -X POST https://$HOSTNAME/admin/_upload.jsp -H 'X-CSRF-Token: Zzzzzzzzzz' -H 'Content-Type: multipart/form-data' -F 'u=@/etc/ipa/ca.crt;filename=ipaca.crt;type=application/pkix-cert' -F request_type=xhr -F action=uploadCA -F callback=uploader_uploadCA -F ImportCaMethod=append

Doesn't result in a successful process either.

Really all I'm after is a curl command/appropriate XML string to upload and apply the CA - that's it. The rest is over-complicating matters.

mmMOLINARI · ‎12-29-2025

The Unleashed and ZD XML API are not public, and there is no documentation for them. You mentioned upload manually works using the UI. Did you try to use the Inspect tool in your browser to see the API call used by the UI upload is exposed?

ms264556 · ‎12-29-2025

I think they did inspect the POST: the curl command included in the comment looks vaguely what I'd expect. Since they're probably using a hacked-up version of my certificate script, I'm happy to give their modified script a quick run and reply here with the problem/fix.

MrOfTheObvious · ‎12-30-2025

That is indeed the approach I took, I'll throw you a message momentarily.

ms264556 · ‎12-30-2025

OK. So I see you've used the acme.sh deploy hook as your starting point.

Unfortunately, acme.sh requires deploy hooks to support both wget and curl, so that code is very low level & not a great place to start hacking.

If you just let curl handle the file upload, then your upload should succeed. Also, you'll get back an empty response on failure, rather than an error code.

Something like this should be what you want:-

addCaSuccess="$(curl -k -b "$cookie_file" "$base_url/_upload.jsp?request_type=xhr" \
    -H "X-CSRF-Token: $loginResponse" \
    -F "u=@/etc/ipa/ca.crt" \
    -F "action=uploadCA" \
    -F "callback=uploader_uploadCA" \
    -F "ImportCaMethod=append" \
    2>/dev/null \
    | grep "CF_CADoneDesc")"

if [[ -z "$addCaSuccess" ]]; then
    echo "		Failed to upload CA certificate!"
    rm -f "$cookie_file"
    return 1
else
    xmlString="<ajax-request action='docmd' comp='system' updater='rid.0.5' xcmd='delete-file' timeout='-1'><xcmd cmd='delete-file' type='uploaded' filename='uploadCA'/></ajax-request>"
    curl -k -b "$cookie_file" "$base_url/_cmdstat.jsp" -H "X-CSRF-Token: $loginResponse" --data-raw "$xmlString" >/dev/null 2>&1
fi

rm -f "$cookie_file"