Forum Discussion

mihaic's avatar
Dec 20, 2023

AS3 TLS certificate without passphrase

Hi!

I am trying to use AS3 to create a HTTPS service. It seems I can not do it with only a cert and a key.

                      "webcert": {
                        "class": "Certificate",
                        "remark": "in practice we recommend using a passphrase",
                        "certificate": "-----BEGIN CERTIFICATE----- -----END CERTIFICATE-----",
                        "privateKey": "-----BEGIN PRIVATE KEY----- -----END PRIVATE KEY-----"                 
                    }

I am creating a new self signed cert and key .

I get this if i don't use a cert/key pair and a passphrase: 

Error: posting as3 config failed for tenants:(Tenant_01) with error: Tenant Creation failed

It only works if add a passphrase also.  I am using a config from an example on the site for this.

In the Schema reference, it says it is optional. But it seems it is not optional. Is that true?

thanks!

  • I've managed to fix it myself.
    So I'll share it, maybe it helps someone. The idea was to use Terraform to create a cert/key pair and then use it in my JSON template.

    I have used base64 endcode to fix it.

                          "webcert": {
                            "class": "Certificate",
                            "remark": "in practice we recommend using a passphrase",
                            "certificate": {
                                "base64": "${cert}"
                            },
                            "privateKey": {
                                "base64": "${key}"
                            }  
    }


    Here is the link to the whole project:   https://github.com/czirakim/F5_AS3/tree/master

    and more info, here : https://latebits.com/2023/12/18/using-terraform-and-as3-to-create-new-services-on-f5-ltm/

     

  • I've managed to fix it myself.
    So I'll share it, maybe it helps someone. The idea was to use Terraform to create a cert/key pair and then use it in my JSON template.

    I have used base64 endcode to fix it.

                          "webcert": {
                            "class": "Certificate",
                            "remark": "in practice we recommend using a passphrase",
                            "certificate": {
                                "base64": "${cert}"
                            },
                            "privateKey": {
                                "base64": "${key}"
                            }  
    }


    Here is the link to the whole project:   https://github.com/czirakim/F5_AS3/tree/master

    and more info, here : https://latebits.com/2023/12/18/using-terraform-and-as3-to-create-new-services-on-f5-ltm/