Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Answers

SSL Certificate Upload With PowerShell using iControl REST

Has anyone found a way to upload SSL Certificates to LTM's running 12.0+ with PowerShell, using iControl REST? I've seen a couple posts using the REST file transfer worker, but written in python, just curious if anyone has successfully gotten this to work using PowerShell?

0
Rate this Question

Answers to this Question

placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

I typically hit the API with C#, but PowerShell isn't too far off, so I converted what I had and I can upload a certificate file with this script to one of our LTMs (13.0.) The trickiest part is calculating the content-range header, so I'm sure there is a much better way, but this seemed to work. I did not test uploading and adding the private key, but it should be the same calls, just replace "cert" with "key."

0
Comments on this Answer
Comment made 4 days ago by Matt Phelps 18
 $bigip = "URL of BIG-IP"

$user = "admin"
$pass = "super secret password" | ConvertTo-SecureString -asPlainText -Force
$credential = New-Object System.Management.Automation.PSCredential($user,$pass)

### Calculate content-range
$pathtofile = "path to your file"
$file = [IO.File]::ReadAllBytes($pathtofile)
$enc = [System.Text.Encoding]::GetEncoding("iso-8859-1")
$encodedfile = $enc.GetString($file)
$range = "0-" + ($encodedfile.Length - 1) + "/" + $encodedfile.Length
$headers = @{ "Content-Range" = $range}

### Upload the file
$filename = "file name you want on BIG-IP"
$url = "https://" + $bigip + "/mgmt/shared/file-transfer/uploads/" + $filename
$uploadresult = Invoke-WebRequest $url -method Post -Headers $headers -InFile $pathtofile -ContentType "multipart/form-data" -TimeoutSec 20 -Credential $credential | ConvertFrom-Json

### Add new certificate
class cert
{
    [string]$command
    [string]$name
    [string]$fromLocalFile
}

$cert = New-Object -TypeName cert
$cert.command = "install"
$cert.name = "name you want for certificate"
$cert.fromLocalFile = $uploadresult.localFilePath
$body = $cert | ConvertTo-Json

$url = "https://" + $bigip + "/mgmt/tm/sys/crypto/cert"
$certresult = Invoke-WebRequest $url -method Post -Body $body -ContentType "application/json" -Credential $credential | ConvertFrom-Json
0