iControl set_key_certificate_file method not working

Question

Running: BIG-IP 11.3.0 Build 3138.0 Hotfix HF7
When making a call to the iControl method LocalLB::ProfileClientSSL::set_key_certificate_file I'm getting back the following error:
SOAP Fault calling submit_transaction: Exception caught in System::urn:iControl:System/Session::submit_transaction()
Exception: Common::OperationFailed
        primary_error_code   : 17240906 (0x0107134A)
        secondary_error_code : 0
        error_string         : 0107134a:3: File object by name (/apphosting/rice-alt/qa/rice-alt.qa.umd.edu.crt) is missing.
I'm getting this file path from the get_certificate_list() method, which is returning the following data:
             'is_bundled' =&gt; 0,
             'file_name' =&gt; '/apphosting/rice-alt/qa/rice-alt.qa.umd.edu.crt',
             'certificate' =&gt; bless( {
                                       'serial_number' =&gt; '03:ff:da:2d:73:31:a7:0e:df:35:88:81:bd:eb:d1:d5',
                                       'key_type' =&gt; 'KTYPE_RSA_PUBLIC',
                                       'cert_type' =&gt; 'CTYPE_CA_SIGNED_NO',
                                       'subject' =&gt; bless( {
                                                           'division_name' =&gt; '',
                                                           'locality_name' =&gt; 'College Park',
                                                           'country_name' =&gt; 'US',
                                                           'common_name' =&gt; 'rice-alt.qa.umd.edu',
                                                           'state_name' =&gt; 'Maryland',
                                                           'organization_name' =&gt; 'University of Maryland, College Park'
                                                         }, 'Management::KeyCertificate::X509Data' ),
                                       'expiration_string' =&gt; 'Jan 10 12:00:00 2017 GMT',
                                       'version' =&gt; '3',
                                       'issuer' =&gt; bless( {
                                                          'division_name' =&gt; 'www.digicert.com',
                                                          'locality_name' =&gt; '',
                                                          'country_name' =&gt; 'US',
                                                          'common_name' =&gt; 'DigiCert SHA2 High Assurance Server CA',
                                                          'state_name' =&gt; '',
                                                          'organization_name' =&gt; 'DigiCert Inc'
                                                        }, 'Management::KeyCertificate::X509Data' ),
                                       'expiration_date' =&gt; '1484049600',
                                       'cert_info' =&gt; bless( {
                                                               'email' =&gt; '',
                                                               'id' =&gt; '/apphosting/rice-alt/qa/rice-alt.qa.umd.edu'
                                                             }, 'Management::KeyCertificate::Certificate' ),
                                       'bit_length' =&gt; '2048'
                                     }, 'Management::KeyCertificate::CertificateDetail' )
           }, 'Management::KeyCertificate::CertificateInformation' );

The file mentioned in the error (/apphosting/rice-alt/qa/rice-alt.qa.umd.edu.crt) does not exist in the filesystem, but manually adding this certificate to an SSLClient profile via the web interface works without error. 
What am I doing wrong with this call?

srivignesh_1217 · Answer

Facing the same problem for set_chain_file_v2 method as follows:

Exception caught in LocalLB::urn:iControl:LocalLB/ProfileClientSSL::set_chain_file_v2() Exception: Common::OperationFailed primary_error_code : 17240906 (0x0107134A) secondary_error_code : 0 error_string : 0107134a:3: File object by name (citrixinterca) is missing

Is there any solution available for this issue?

mhite_60883 · Answer

I've also faced this same problem. &nbsp;

ben_codner_1928 · Answer

I was getting this same error anytime I attempted to add a Digicert chain to a SSL profile. I finally added it through the web interface and did a call using get_chain_file_v2 to find out what it showed. The chain had a .crt extension on the path. I added that to my automation and bam, it worked. Hope this helps someone else.

Forum Discussion

iControl set_key_certificate_file method not working

3 Replies

Recent Discussions

Error when running bigip_command Playbook against LTM : Syntax Error: unexpected argument /bin/sh\n

Can iRule be used to perform exception of IPI category based on Geolocation

Can iRule mask the payload content on event logs of security

minimum tmos software version for connect CIS (openshift)

Chrome V 124+ on MacOS - Virtual Server Access Issue

Related Content

Getting Started with iControl: Working with Statistics

iControl REST: Working with Pool Members

Getting Started with iControl: Working with Configuration Objects

iControl REST Authentication Token Management

Working with subsets of data-group records via iControl REST