Forum Discussion
dmacika_116140
Nimbostratus
NimbostratusiControl and Powershell - key import and certificate import
I am attempting to script out importing a SSL crt/key pair into a new F5 running 11.3. I'm using iControl within Powershell. I've successfully used iControl and Powershell for other tasks on this new F5. Below is my sample code which doesn't seem to be working. Any ideas/suggestions?
$SSLDir = Path to folder containing crt and key files on my machine $url = "www.myurl.com"
$crtfilename = $url + ".crt" $keyfilename = $url + ".key" $keyfile = $SSLDir + "\" + $keyfilename $crtfile = $SSLDir + "\" + $crtfilename
(Get-F5.iControl).ManagementPartition.Set_active_partition("Common") (Get-F5.iControl).ManagementKeyCertificate.key_import_from_file(0,$url,$keyfile,$false) (Get-F5.iControl).ManagementKeyCertificate.certificate_import_from_file(0,$url,$crtfile,$false)
dmacika_116140Worked with F5 support and came up with a working solution. Import_from_pem was failing for me at first. Key is to use the -raw flag on the get-content. Hope this helps others in the future.
$url is the common name of the certificate. .crt and .key files are stored as $url.crt and $url.key $url = "www.mydomain.com" IP address of the F5 $srv = "1.2.3.4" Directory where the crt and key files are placed $SSLDir = "D:\temp" Add-PSSnapIn iControlSnapIn -ErrorAction SilentlyContinue Initialize-F5.iControl -Hostname $srv -Credentials (Get-Credential) (Get-F5.iControl).ManagementPartition.Set_active_partition("Common") $crtfilename = $url + ".crt" $keyfilename = $url + ".key" $keyfile = $SSLDir + "\" + $keyfilename $crtfile = $SSLDir + "\" + $crtfilename $key_pem = get-content $keyfile -raw $crt_pem = get-content $crtfile -raw if ( (test-path $keyfile) -and (test-path $crtfile) ) { (Get-F5.iControl).ManagementKeyCertificate.Key_import_from_pem("MANAGEMENT_MODE_DEFAULT",$url,$key_pem,1) (Get-F5.iControl).ManagementKeyCertificate.certificate_import_from_pem("MANAGEMENT_MODE_DEFAULT",$url,$crt_pem,1) } else { write-host "Missing Files" }