Automation with iControl to upload SSL Cert & Key

Question

I'm trying to create a script via powershell to automate and upload .crt and .key files to our BIG IP environment. I know there are ways to do it via powershell, Just need a place to start. Please help.

satoshi_toyosa1 · Answer

References:&nbsp;For iControl REST in general:iControlREST Home. Take a look at one of the PDF documents found in the bottom of the page.For PowerShell:PowerShell module for the F5 LTM REST API. For file (including certs and keys) upload and configurations:K12522815: Modifying the BIG-IP device SSL certificate configuration using the iControl REST APIUpload SSL keys/certs via iControl REST API?Demystifying iControl REST Part 5: Transferring Files&nbsp;&nbsp;

joshbarrow · Answer

Found out what I could use. It is actually pretty helpful for folks using Powershell to leverage REST. Thanks to some old buddies of mine. Hopefully this can help someone else as well.

$bigip = Read-Host "BigIP Name: " #Name you would put inside the Web Browser

#Calculate content-range

$standalonefile = Read-Host "Full Filename Inside: "

$pathtofile = "path for the file" + $standalonefile

$file = [IO.File]::ReadAllBytes($pathtofile)

$enc = [System.Text.Encoding]::GetEncoding("iso-8859-1")

$encodedfile = $enc.GetString($file)

$range = "0-" + ($encodedfile.Length - 1) + "/" + $encodedfile.Length

$headers = @{ "Content-Range" = $range}

#Upload the file

$filename = Read-Host "Enter Name for inside the BigIP Temp Folder: " #This will be the name of the file inside the bigIP Temp Folder

$url = "https://" + $bigip + "/mgmt/shared/file-transfer/uploads/" + $filename

$credentials = Get-Credential

pause

$uploadresult = Invoke-WebRequest $url -Credential $credentials -method Post -Headers $headers -InFile $pathtofile -ContentType "multipart/form-data" -TimeoutSec 20 | ConvertFrom-Json

#Add new certificate

class cert

{

[string]$command

[string]$name

[string]$fromLocalFile

}

$cert = New-Object -TypeName cert

$cert.command = "install"

$cert.name = Read-Host "Enter Name for inside the BigIP Cert Store:" #this is what will show up inside the cert store. in the F5

$cert.fromLocalFile = $uploadresult.localFilePath

$body = $cert | ConvertTo-Json

$url = "https://" + $bigip + "/mgmt/tm/sys/crypto/cert"

$certresult = Invoke-WebRequest $url -Credential $credentials -method Post -Body $body -ContentType "application/json" -Headers $headers2 | ConvertFrom-Json

Forum Discussion

Automation with iControl to upload SSL Cert & Key

Recent Discussions

How to implement LTM forward proxy client to determine the diversion pool based on the domain name

FTP PASV mode to Extended Passive mode

Oracle JDBC SSL Termination failing on F5

APM for banner and cert

An Irule for Client Ssl Profile that Allows Unassigned TLS Extension Values (17516)

Related Content

F5 Automation Toolchain Upload

Automating ACMEv2 Certificate Management on BIG-IP

F5 Automation Toolchain: Upload the Components with BIGREST!

BIG-IP Next Automation: AS3 Basics

File Upload via iControl REST

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS