Forum Discussion
Importing SSL Certs and Keys via TMSH
According to this topic (http://devcentral.f5.com/Community/...fault.aspx) there exists a 'TMSH install cert' command that presumably imports SSL certs and keys. I'm working with LTM's running 10.2.2, and I can't find said command, and I would really like to. I have to produce change-control documents with instructions for an operations group to execute, and being able to do all desired actions from within tmsh would be a really positive step.
- Distance_Vector
Nimbostratus
You could do it this way in tmsh:create /sys file ssl-cert blah.crt { source-path http://foo/blah.crt}
- Mike_Dayton_108
Nimbostratus
For version 10, you can just copy the files into the matching directories:
Payload certs:
/config/ssl/ssl.csr
/config/ssl/ssl.crt
/config/ssl/ssl.key
HTTPD certs for management:
/etc/httpd/conf/ssl.csr
/etc/httpd/conf/ssl.crt
/etc/httpd/conf/ssl.key
For version 11 (maybe someone can update this to be more specific), these files are managed by TMOS requiring you to import the certificate and key data.
The following was done with 11.5. This command will create test.crt and test.key as the managed prefix names. The source file is default.crt or key.
tmsh create /sys file ssl-cert test.crt source-path
tmsh create /sys file ssl-key test.key source-path
- Kevin_K_51432Historic F5 Account
It has been a while, but with 10.2.2, can't you just put them (scp) in the appropriate directory and they then become available for selection by the SSL profile?
/config/ssl/ssl.crt /config/ssl/ssl.key
Kevin
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com