Matt_Frost_1560
Oct 22, 2014Nimbostratus
Generate CSR and upload new cert through iControlREST API
I've been able to create new pools, profiles and VIPs using the iControlREST API. So far it's worked very, very reliably. The only thing that's stopping me from using REST all the way through is not being able to do certificate tasks. This is my attempt at generating a CSR through REST (via Powershell):
$gencsrjson = @"
{
"name": "test.site.com",
"common-name": "test.site.com",
"organization": "My Company",
"city": "Jville",
"state": "IN",
"country": "US",
"key-type": "rsa-private",
"key-size": "2048",
"ou": "NTWSUP",
"email-address": "serversupport@site.com"
}
"@
irm -Uri https://LTM/mgmt/tm/sys/crypto/key/gen-csr/ -Credential $cred -ContentType "application/json" -Method Post -Body $gencsrjson
This is the output:
{
"code": 400,
"errorStack": [],
"message": "Found unexpected json pair at configuration item /sys/crypto/key/gen-csr. The json pair is \"test.site.com\":null."
}
I've resorted to using plink.exe to send a few one-line TMSH/SSH commands to the LTM instead:
.\plink.exe admin@LTM -pw **** 'tmsh create sys crypto key gen-csr test.site.com
common-name test.site.com organization \"My Company\" city Jville state IN
country US key-type rsa-private key-size 2048 ou SS email-address
serversupport@site.com challenge-password *****' | select -Skip 2
| out-file -encoding utf8 test.site.com.csr
.\plink.exe admin@LTM.hps.com -pw ***** "echo $cer | sed -e
's/\s/\n/g'' > /config/ssl/ssl.crt/test.site.com.crt"
.\plink.exe admin@LTM.hps.com -pw ***** "tmsh install /sys crypto cert
test.site.com from-local-file /config/ssl/ssl.crt/test.site.com.crt"
Ideally, it would be awesome if I didn't have to use plink to do these cert tasks. Does anyone know if this is supported in iControlREST or if my syntax is correct?