For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

JoshBarrow's avatar
JoshBarrow
Icon for Cirrus rankCirrus
May 14, 2020

Automation with iControl to upload SSL Cert & Key

I'm trying to create a script via powershell to automate and upload .crt and .key files to our BIG IP environment. I know there are ways to do it via powershell, Just need a place to start. Please help.

application delivery
iControlREST
LTM

2 Replies

  • JoshBarrow's avatar
    JoshBarrow
    Icon for Cirrus rankCirrus
    May 26, 2020

    Found out what I could use. It is actually pretty helpful for folks using Powershell to leverage REST. Thanks to some old buddies of mine. Hopefully this can help someone else as well.

     

    $bigip = Read-Host "BigIP Name: " #Name you would put inside the Web Browser

     

     #Calculate content-range

    $standalonefile = Read-Host "Full Filename Inside: "

    $pathtofile = "path for the file" + $standalonefile

    $file = [IO.File]::ReadAllBytes($pathtofile)

    $enc = [System.Text.Encoding]::GetEncoding("iso-8859-1")

    $encodedfile = $enc.GetString($file)

    $range = "0-" + ($encodedfile.Length - 1) + "/" + $encodedfile.Length

    $headers = @{ "Content-Range" = $range}

     

     

     #Upload the file

    $filename = Read-Host "Enter Name for inside the BigIP Temp Folder: " #This will be the name of the file inside the bigIP Temp Folder

    $url = "https://" + $bigip + "/mgmt/shared/file-transfer/uploads/" + $filename

    $credentials = Get-Credential

    pause

    $uploadresult = Invoke-WebRequest $url -Credential $credentials -method Post -Headers $headers -InFile $pathtofile -ContentType "multipart/form-data" -TimeoutSec 20 | ConvertFrom-Json

     

     #Add new certificate

    class cert

    {

      [string]$command

      [string]$name

      [string]$fromLocalFile

    }

     

    $cert = New-Object -TypeName cert

    $cert.command = "install"

    $cert.name = Read-Host "Enter Name for inside the BigIP Cert Store:" #this is what will show up inside the cert store. in the F5

    $cert.fromLocalFile = $uploadresult.localFilePath

    $body = $cert | ConvertTo-Json

     

    $url = "https://" + $bigip + "/mgmt/tm/sys/crypto/cert"

    $certresult = Invoke-WebRequest $url -Credential $credentials -method Post -Body $body -ContentType "application/json" -Headers $headers2 | ConvertFrom-Json