Forum Discussion
Matt_Phelps_142
Altocumulus
I typically hit the API with C, but PowerShell isn't too far off, so I converted what I had and I can upload a certificate file with this script to one of our LTMs (13.0.) The trickiest part is calculating the content-range header, so I'm sure there is a much better way, but this seemed to work. I did not test uploading and adding the private key, but it should be the same calls, just replace "cert" with "key."
Matt_Phelps_142
Nov 14, 2017Altocumulus
$bigip = "URL of BIG-IP"
$user = "admin"
$pass = "super secret password" | ConvertTo-SecureString -asPlainText -Force
$credential = New-Object System.Management.Automation.PSCredential($user,$pass)
Calculate content-range
$pathtofile = "path to your file"
$file = [IO.File]::ReadAllBytes($pathtofile)
$enc = [System.Text.Encoding]::GetEncoding("iso-8859-1")
$encodedfile = $enc.GetString($file)
$range = "0-" + ($encodedfile.Length - 1) + "/" + $encodedfile.Length
$headers = @{ "Content-Range" = $range}
Upload the file
$filename = "file name you want on BIG-IP"
$url = "https://" + $bigip + "/mgmt/shared/file-transfer/uploads/" + $filename
$uploadresult = Invoke-WebRequest $url -method Post -Headers $headers -InFile $pathtofile -ContentType "multipart/form-data" -TimeoutSec 20 -Credential $credential | ConvertFrom-Json
Add new certificate
class cert
{
[string]$command
[string]$name
[string]$fromLocalFile
}
$cert = New-Object -TypeName cert
$cert.command = "install"
$cert.name = "name you want for certificate"
$cert.fromLocalFile = $uploadresult.localFilePath
$body = $cert | ConvertTo-Json
$url = "https://" + $bigip + "/mgmt/tm/sys/crypto/cert"
$certresult = Invoke-WebRequest $url -method Post -Body $body -ContentType "application/json" -Credential $credential | ConvertFrom-Json