Forum Discussion

Jake_88270's avatar
Jake_88270
Icon for Nimbostratus rankNimbostratus
Oct 26, 2017

SSL Certificate Upload With PowerShell using iControl REST

Has anyone found a way to upload SSL Certificates to LTM's running 12.0+ with PowerShell, using iControl REST? I've seen a couple posts using the REST file transfer worker, but written in python, just curious if anyone has successfully gotten this to work using PowerShell?

 

3 Replies

  • I typically hit the API with C, but PowerShell isn't too far off, so I converted what I had and I can upload a certificate file with this script to one of our LTMs (13.0.) The trickiest part is calculating the content-range header, so I'm sure there is a much better way, but this seemed to work. I did not test uploading and adding the private key, but it should be the same calls, just replace "cert" with "key."

     

    • Matt_Phelps_142's avatar
      Matt_Phelps_142
      Icon for Altocumulus rankAltocumulus
       $bigip = "URL of BIG-IP"
      
      $user = "admin"
      $pass = "super secret password" | ConvertTo-SecureString -asPlainText -Force
      $credential = New-Object System.Management.Automation.PSCredential($user,$pass)
      
       Calculate content-range
      $pathtofile = "path to your file"
      $file = [IO.File]::ReadAllBytes($pathtofile)
      $enc = [System.Text.Encoding]::GetEncoding("iso-8859-1")
      $encodedfile = $enc.GetString($file)
      $range = "0-" + ($encodedfile.Length - 1) + "/" + $encodedfile.Length
      $headers = @{ "Content-Range" = $range}
      
       Upload the file
      $filename = "file name you want on BIG-IP"
      $url = "https://" + $bigip + "/mgmt/shared/file-transfer/uploads/" + $filename
      $uploadresult = Invoke-WebRequest $url -method Post -Headers $headers -InFile $pathtofile -ContentType "multipart/form-data" -TimeoutSec 20 -Credential $credential | ConvertFrom-Json
      
       Add new certificate
      class cert
      {
          [string]$command
          [string]$name
          [string]$fromLocalFile
      }
      
      $cert = New-Object -TypeName cert
      $cert.command = "install"
      $cert.name = "name you want for certificate"
      $cert.fromLocalFile = $uploadresult.localFilePath
      $body = $cert | ConvertTo-Json
      
      $url = "https://" + $bigip + "/mgmt/tm/sys/crypto/cert"
      $certresult = Invoke-WebRequest $url -method Post -Body $body -ContentType "application/json" -Credential $credential | ConvertFrom-Json
      
  • I am getting a The remote server returned an error: (500) Internal Server Error. on the first invoke-webrequest after digging around it looks like that url in this script was returning: Public URI path not registered and i was able to find the path should be mgmt/shared/file-transfer/bulk/uploads/ but still not able to upload the file with that url if i try this rest POST in postman i get a 400 bad request.

     

    anyone else using this with success?