Hi Jason,
I'm not aware of any easy way to do this. If I had to perform a bulk upload myself, I'd use a combination of bash and tmsh.
- Create a /var/tmp/key directory and move all the keys there using SCP.
- Create a /var/tmp/crt directory and move all the certs there using SCP.
- Once all the certs and keys are in place you should be able to run these:
for i in `ls -1 /var/tmp/key`; do tmsh install sys crypto key $i from-local-file /var/tmp/key/$i; done
for i in `ls -1 /var/tmp/crt`; do tmsh install sys crypto cert $i from-local-file /var/tmp/crt/$i; done
tmsh save sys config
I tried this with three cert / key pairs:
tmsh list sys crypt key
sys crypto key siteone.key {
key-size 2048
key-type rsa-private
security-type normal
}
sys crypto key sitethree.key {
key-size 2048
key-type rsa-private
security-type normal
}
sys crypto key sitetwo.key {
key-size 2048
key-type rsa-private
security-type normal
}
tmsh list sys crypto cert
sys crypto cert siteone.crt {
certificate-key-size 2048
city Seattle
common-name localhost.localdomain
country US
email-address root@localhost.localdomain
expiration Dec 25 10:13:15 2023 GMT
organization MyCompany
ou IT
state WA
subject-alternative-name
}
sys crypto cert sitethree.crt {
certificate-key-size 2048
city Seattle
common-name localhost.localdomain
country US
email-address root@localhost.localdomain
expiration Dec 25 10:13:15 2023 GMT
organization MyCompany
ou IT
state WA
subject-alternative-name
}
sys crypto cert sitetwo.crt {
certificate-key-size 2048
city Seattle
common-name localhost.localdomain
country US
email-address root@localhost.localdomain
expiration Dec 25 10:13:15 2023 GMT
organization MyCompany
ou IT
state WA
subject-alternative-name
}