D_N_28689
Apr 07, 2008

Blacklisting certificates by certificate id

Hello,

I'm completely new with F5 so please forgive me if I'm making some dumb assumptions.

I've been tasked to write a Java API that will blacklist certificates on the F5 based on the certificate ID.

Digging around the forums, I've read a method whereby one manages the config file itself and loads that to F5 and tells F5 to pick up the file. I was wondering if there was a simpler way of doing this. I am under the impression F5 has some kind of method that allows me to pass it a cert ID, and it will blacklist that certificate automatically.

Is there such a method, and if there is, could someone point me to it? I've been digging around the API docs and haven't found it yet.

Is this methodology the right way of doing things?

Any input is greatly appreciated!

D

17 Replies

  • Don_MacVittie_1
    Historic F5 Account
    Hi Kumaran,

    I have not yet tried it with Axis2, let me get things set up and test it out... I may find something. We have not updated the WSDL in a while, so I suspect we're not WSDL2 compliant, but will need to get the bits set up to verify that and come up with solutions for you either way.

    Don.
  • Don_MacVittie_1
    Historic F5 Account
    Hey Again Kumaran,

    To keep you going, can you (for now) use the AXIS version of WSDL to Java? ( http://ws.apache.org/axis/ )

    We haven't done WSDL2, and honestly just the "literal" portion makes us non-compliant, so this is not a one or two day fix. I'm looking into it, but if you use the WSDL2Java in Apache AXIS instead of AXIS2, it will work for you today (that's what the API is tested with), and I can keep you posted on our status.

    Hope that helps,

    Don.
  • Thanks for your help.

    I have somehow managed to convert the WSDL into Document/literal, which is able to generate the code. After I had the simulator working using my new WSDL, I created a SOAP MockService using SoapUI for the original WSDL. Then I used a SoapUI client (using the new converted WSDL), which was being used to send requests to my simulator, to send requests to the mockService (using the original WSDL). The client was able to successfully send a request and receive a response back.

    The only thing that worries me currently is that if there is a strict check on type, then we would be screwed.

    Original WSDL request using SOAP UI:

    ?
    cid:823616514771
    ?

    New Converted WSDL Soap client request

    NMausdhf
    ImFhcm9uIiwiYmVuMiIsImRhMzIzbm55IiwidHNkZjEiLCJmd2Vyd2U1Ig
    FILE_FIRST

    -Kumaran
  • Don_MacVittie_1
    Historic F5 Account
    Hi Again Kumaran,

    My guess would be this won't work. The reason being that Apache Axis is normally used to generate both sides of the call, meaning if strict type information was on in the client, it likely is expected on the server. But I wasn't involved in that development effort, so the best advice I have is "try it". You're almost there, may as well point it at a BIG-IP and give it a shot.

    Though I'm concerned about the Doc/Lit or RPC Encoded issue - obviously if we're expecting encoded we can't take a call using doc/lit. But I'm not clear from your post where you stand on that point.

    Don.
  • We are going to give this a shot. If it doesn't work, then we have to find some other way.

    I have another question.

    If I use "upload_file(file_name, byte[])", then I'm supposed to use set_external_class_file_name(string[] class_names, string[] file_names) to let the system know to use the uploaded file to blacklist all the certs in it.

    I understand what parameters to use for upload_file(“black_list.txt”, [id1,id2,id3]).

    However, I don’t understand what to pass in for set_external_class_file_name(??? (I don’t know what to pass for class_names[]), [“black_list.txt”]). Can you please help me out on this?

    Thank you,

    Kumaran

  • Hey guys,

    Do you have any answer to the last post? Thanks for your help!

    -Kumaran
  • Deb_Allen_18
    Historic F5 Account
    Hi Kumaran -

    Sorry I can't help, but I do know that Don is out this week, but he will be back Monday & will most likely be able to answer.

    hth

    /deb