Forum Discussion
How to Create a CSR in Powershell/iControl using an Existing Key
Hello,
I am trying to automate CSR creation on the BigIP with iControl/Powershell. I can easily create new CSRs using new keys, but I can't figure out how to generate a CSR using an existing key. We need to do this so that we can update our SAN certs without invalidating the existing Certificate/key pair while we process the request with our provider.
I use this to create a new key for a brand new CSR/Certificate request ...
$CSRKey = New-Object -TypeName iControl.ManagementKeyCertificateKey_v2;
$CSRKey.id = 'www.sitename.com';
$CSRKey.key_type = 'KTYPE_RSA_PUBLIC';
$CSRKey.bit_length = 2048;
$CSRKey.security = 'STYPE_NORMAL';
... but I can't find any functions in the iControl Reference Wiki to grab an existing key to use for the CSR.
Can anyone point me in the right direction?
Thanks!, Sean
- Sean_PowellNimbostratus
So I answered my own question by re-reading the description of the function more clearly ...
“Generates the specified certificate signing requests. This assumes that each of the associated keys, having the same identification as each certificate request, has already been created.”
So it turns out you don't need to create a new key at all, as you don't specifically need to reference it when creating the CSR, you just need to create the CSR with the same name as an existing key.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com