Forum Discussion
lnxgeek
Feb 23, 2022MVP
Enable OCSP Stapling via REST API
Hi all
I'm struggling with the command syntax that will apply my OCSP stabling configuration on a certificate. I have found a workaround by pushing native tmsh commands via the bash api like this: ...
- Mar 01, 2022
Hi lnxgeek, give this a shot:
## Human Readable ## POST to: https://ltm3.test.local/mgmt/tm/sys/file/ssl-cert/example.com_2021-12-12/cert-validators body: {“name": "letsencrypt_ocsp_R3"} PATCH to: https://ltm3.test.local/mgmt/tm/sys/file/ssl-cert/example.com_2021-12-12/ body: {“certValidationOptions": ["ocsp"], "issuerCert": "RE_LE_2025"} ## CURL COMMANDS ## curl -X POST \ 'https://ltm3.test.local/mgmt/tm/sys/file/ssl-cert/example.com_2021-12-12/cert-validators' \ --header 'Accept: */*' \ --header 'User-Agent: Thunder Client (https://www.thunderclient.io)' \ --header 'Content-Type: application/json' \ --header 'Authorization: Basic YWRtaW46YWRtaW4=' \ --data-raw '{"name": "letsencrypt_ocsp_R3"}' curl -X PATCH \ 'https://ltm3.test.local/mgmt/tm/sys/file/ssl-cert/example.com_2021-12-12/' \ --header 'Accept: */*' \ --header 'User-Agent: Thunder Client (https://www.thunderclient.io)' \ --header 'Content-Type: application/json' \ --header 'Authorization: Basic YWRtaW46YWRtaW4=' \ --data-raw '{"certValidationOptions": ["ocsp"], "issuerCert": "RE_LE_2025"}'
JRahm
Admin
Hi lnxgeek, give this a shot:
## Human Readable ##
POST
to: https://ltm3.test.local/mgmt/tm/sys/file/ssl-cert/example.com_2021-12-12/cert-validators
body: {“name": "letsencrypt_ocsp_R3"}
PATCH
to: https://ltm3.test.local/mgmt/tm/sys/file/ssl-cert/example.com_2021-12-12/
body: {“certValidationOptions": ["ocsp"], "issuerCert": "RE_LE_2025"}
## CURL COMMANDS ##
curl -X POST \
'https://ltm3.test.local/mgmt/tm/sys/file/ssl-cert/example.com_2021-12-12/cert-validators' \
--header 'Accept: */*' \
--header 'User-Agent: Thunder Client (https://www.thunderclient.io)' \
--header 'Content-Type: application/json' \
--header 'Authorization: Basic YWRtaW46YWRtaW4=' \
--data-raw '{"name": "letsencrypt_ocsp_R3"}'
curl -X PATCH \
'https://ltm3.test.local/mgmt/tm/sys/file/ssl-cert/example.com_2021-12-12/' \
--header 'Accept: */*' \
--header 'User-Agent: Thunder Client (https://www.thunderclient.io)' \
--header 'Content-Type: application/json' \
--header 'Authorization: Basic YWRtaW46YWRtaW4=' \
--data-raw '{"certValidationOptions": ["ocsp"], "issuerCert": "RE_LE_2025"}'
JRahm
Mar 01, 2022Admin
also note that the /sys/crypto interface shouldn't be used period with the iControl REST interface, use /sys/file/ssl-key, /sys/file/ssl-cert, and /sys/file/ssl-csr instead.
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects