Forum Discussion
Certificate Automation and AS3
Hey everyone!
At my company we have a policy that all private crypto objects must be generated on the target device and never leave it. I am creating a REST-based automation system for the LTM devices, and I am struggling to see how to achieve this using AS3. My desired workflow, from an external server running a python script to send REST commands:
- Have the LTM generate a key and store it. This key may never leave the device.
- On the device, create a CSR.
- Get that CSR and read it from the script, which signs it.
- Upload the signed cert to the device.
- Somehow incorporate this into or make it available for use by an AS3 declaration.
Any ideas?
Thanks!
- ZdenekCirrostratus
There is one small consequence of using AS3 - all SSL certs and keys which are not part of declaration must be stored in Common partition. If you're going to use multitenancy with partitions, this is quite a complication.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com