Forum Discussion

cjs58148's avatar
cjs58148
Icon for Nimbostratus rankNimbostratus
Dec 06, 2019

Download an SSL Certificate hosted by VS/iRule

Hello,

 

I have a need for basic site where when you go to the site and you are prompted to download an SSL certificate from the F5. There doesnt need to be any content, just the cert. This would be similar to an IIS site where if i go to https://mysite.site.com/sslcertificate.crt, it downloads the cert, the cert is just sitting in the root directory for the site.

 

I did try a basic "ifile get certname" irule. It loads the cert as text and displays it in the browser instead of prompting to download.

 

Any ideas or is this not possible from the F5?

 

Thank you!

application delivery
iRules
LTM

4 Replies

Sort By
  • Hamish's avatar
    Hamish
    Icon for Cirrocumulus rankCirrocumulus
    Dec 06, 2019

    If you want the cert for a site, why don't you just ask the site for it? It's presented as part of the TLS negotiation.

    e.g.

    openssl s_client -connect site_name:site_port
  • cjs58148's avatar
    cjs58148
    Icon for Nimbostratus rankNimbostratus
    Dec 06, 2019

    Thank you for your reply.

     

    I have the certificate already. I need to provide it to a number of end user devices to allow an application to function. These are not traditionally managed devices so I currently dont have a way to "deploy" the certificate to them. It is also end user facing so the simpler the better.

  • Hamish's avatar
    Hamish
    Icon for Cirrocumulus rankCirrocumulus
    Dec 06, 2019

    OK. Despite the endpoint having the cert already (Because they just accepted it), I suspect your original problem (Displaying rather than prompting for download) is more related to the headers being wrong, or missing.

     

    Probably Content-Type...

     

    Use curl to try a site you know works ((With the -v parameter) and compare that to the headers you're returning from your iRule