
@aman207
Created August 21, 2023 13:32
Fortigate wildcard certificate update
from fortigate_api import Fortigate
import base64
from datetime import datetime
import inotify.adapters
import inotify.constants
import requests
# Path to the wildcard certificate file. The script watches this file and
# uploads its contents to the FortiGate each time it is rewritten.
CERT_FILE: str = ""
# Path to the private key that belongs to CERT_FILE. The import request
# sends an empty password, so the key is presumably stored unencrypted;
# keep the file readable only by the account that runs this script.
KEY_FILE: str = ""
# Address of the FortiGate: FQDN or IP only, without the "https://" prefix.
URL: str = ""
# REST API token for the FortiGate. This is a credential: anyone who can
# read this file can use the API with the token's permissions. Restrict the
# file's permissions, keep a filled-in copy out of public gists and
# repositories, and give the API administrator only the access this script
# needs (certificate import and the SSL/SSH inspection profile).
TOKEN: str = ""
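def _read_base64(path):
    """Return the contents of the file at *path* as URL-safe base64 text."""
    with open(path, "rb") as handle:
        # NOTE(review): the URL-safe alphabet is kept from the original.
        # Standard base64 differs for the "+" and "/" characters; confirm
        # which alphabet the FortiGate import endpoint expects.
        return base64.urlsafe_b64encode(handle.read()).decode()


def _main():
    """Watch CERT_FILE and push the renewed certificate to the FortiGate.

    Every time CERT_FILE is closed after being written, the certificate and
    its key are imported under the name "CERTIFICATE-<YYYY-MM-DD>" and the
    "wildcard deep inspection" SSL/SSH profile is switched to that
    certificate. The profile is left untouched when the import fails, and
    the API session is always logged out, even if a request raises.
    """
    watcher = inotify.adapters.Inotify()
    # NOTE(review): the watch is placed on the file itself. A renewal tool
    # that replaces the file (rename over it) instead of rewriting it in
    # place may not produce IN_CLOSE_WRITE on this watch; verify against the
    # tool that writes CERT_FILE.
    watcher.add_watch(path_unicode=CERT_FILE, mask=inotify.constants.IN_CLOSE_WRITE)
    for _ in watcher.event_gen(yield_nones=False):
        # NOTE(review): the key is read immediately after the certificate
        # changed. If the renewal tool writes KEY_FILE after CERT_FILE, the
        # uploaded pair may not match; confirm the write order.
        cert = _read_base64(CERT_FILE)
        key = _read_base64(KEY_FILE)
        certname = "CERTIFICATE-" + datetime.today().strftime('%Y-%m-%d')

        # NOTE(review): the API token and the private key travel over this
        # connection. Confirm that the installed fortigate_api validates the
        # FortiGate's TLS certificate (see its `verify` option) rather than
        # accepting any certificate.
        fortigate = Fortigate(host=URL, token=TOKEN)
        fortigate.login()
        try:
            import_request = {
                "certname": certname,
                "file_content": cert,
                "key_file_content": key,
                "password": "",
                "scope": "global",
                "type": "regular"
            }
            response = fortigate.post(
                url="api/v2/monitor/vpn-certificate/local/import/",
                data=import_request,
            )
            print(response)
            # The response is expected to be the requests.Response that
            # fortigate_api returns. Do not point the inspection profile at
            # a certificate name that was not imported.
            if not response.ok:
                continue

            profile_request = {
                "name": "wildcard deep inspection",
                "server-cert": [
                    {"name": certname}
                ],
                "server-cert-mode": "replace"
            }
            response = fortigate.put(
                url="api/v2/cmdb/firewall/ssl-ssh-profile/wildcard%20deep%20inspection/",
                data=profile_request,
            )
            print(response)
        finally:
            # Runs on success, on the early `continue`, and on exceptions,
            # so a failed request never leaves the session open.
            fortigate.logout()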
# Start the watcher only when the file is executed as a script, not when it
# is imported.
if __name__ == "__main__":
    _main()
fortigate_api
inotify