import javax.net.ssl.* import java.security.KeyStore import java.io.* import java.net.URL // --- Configuration --- def apiUrl = "https:///AIMWebService/api/Accounts" def appId = "MyAppID" def safe = "MySafe" def objectName = "MyAccount" def pkcs12Path = "/path/to/client.p12" def pkcs12Password = "your_cert_password" // --- Load client certificate into KeyStore --- KeyStore keyStore = KeyStore.getInstance("PKCS12") keyStore.load(new FileInputStream(pkcs12Path), pkcs12Password.toCharArray()) KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509") kmf.init(keyStore, pkcs12Password.toCharArray()) SSLContext sslContext = SSLContext.getInstance("TLS") sslContext.init(kmf.getKeyManagers(), null, new SecureRandom()) // --- Build the full request URL with query params --- def query = "AppID=${URLEncoder.encode(appId, 'UTF-8')}" + "&Safe=${URLEncoder.encode(safe, 'UTF-8')}" + "&Object=${URLEncoder.encode(objectName, 'UTF-8')}" def fullUrl = new URL("${apiUrl}?${query}") def connection = (HttpsURLConnection) fullUrl.openConnection() // --- Apply SSL context (with client cert) --- connection.setSSLSocketFactory(sslContext.getSocketFactory()) // Optional: disable hostname verification (only for testing!) connection.setHostnameVerifier({ hostname, session -> true }) connection.setRequestMethod("GET") connection.setRequestProperty("Accept", "application/json") // --- Read the response --- def responseCode = connection.responseCode if (responseCode == 200) { def reader = new BufferedReader(new InputStreamReader(connection.getInputStream())) def response = reader.lines().join("\n") println "🔐 Response from CyberArk:" println response } else { def errorReader = new BufferedReader(new InputStreamReader(connection.getErrorStream())) def errorMsg = errorReader.lines().join("\n") println "❌ Request failed with code ${responseCode}" println errorMsg }