Forum Discussion
Philip_L
Nimbostratus
NimbostratusManagement.KeyCertificate.pkcs12_import_from_file() File Location?
Hello, When using Management.KeyCertificate.pkcs12_import_from_file() Im having trouble figuring out where to place the files. The wiki says /config/ssl/ is used if no directory is specified however no matter what I put in I get an error saying file does not exist. If I add a local directory it tells me it cannot have the ":" (Im using c in windows). Any one have some suggestions?
7 Replies
hoolioCirrostratus
Hi Philip,
I think you want to specify a directory on the client you're running the iControl script on--not BIG-IP.
Aaron
Philip_LThats what I thought. However when I use a local file say c:\ssl\cert.pfx if fails telling me the following:
Exception: Common::OperationFailed
primary_error_code : -17 (0xFFFFFFEF)
secondary_error_code : 0
error_string : Invalid filename. Filenames may only contain the following characters: [A-Za-z][0-9].-_/- hoolioCan you try one of these:
c:\\ssl\\cert.pfx
c:/ssl/cert.pfx
Aaron - Philip_LTried
file_names[0] = @"C:\SSLInfo\Certs\chut.pfx";
file_names[0] = @"C:/SSLInfo/Certs/chut.pfx";
file_names[0] = "C:\\SSLInfo\\Certs\\chut.pfx";
All fail
here is my codeNetworkCredential creds = new NetworkCredential(); creds.UserName = username; creds.Password = password; String[] ids = new string[24]; ids[0] = "test"; String[] file_names = new string[100]; file_names[0] = "C:\\SSLInfo\\Certs\\chut.pfx"; String[] passwords = new string[24]; passwords[0] = "pass"; Management.KeyCertificate.iControl.ManagementKeyCertificate iControl = new Management.KeyCertificate.iControl.ManagementKeyCertificate(); iControl.Url = "https://bigip/iControl/iControlPortal.cgi"; iControl.Credentials = creds; iControl.pkcs12_import_from_file(Management.KeyCertificate.iControl.ManagementKeyCertificateManagementModeType.MANAGEMENT_MODE_WEBSERVER, ids, file_names, passwords, false); - hoolioPer this post, it should be with a forward slash instead of one or more backslashes:
https://devcentral.f5.com/Community/GroupDetails/tabid/1082223/asg/51/aft/1178926/showtab/groupforums/Default.aspx
file_names[0] = "C:/SSLInfo/Certs/chut.pfx";
Aaron - Philip_LPer that post and your reccomendation I tried that (see begining of my last post) and it failed with:
Exception: Common::OperationFailed
primary_error_code : -17 (0xFFFFFFEF)
secondary_error_code : 0
error_string : Invalid filename. Filenames may only contain the following characters: [A-Za-z][0-9].-_/
here is the code I ran:NetworkCredential creds = new NetworkCredential(); creds.UserName = "username"; creds.Password = "password"; String[] ids = new string[24]; ids[0] = "test"; String[] file_names = new string[100]; file_names[0] = "C:/SSLInfo/Certs/chut.pfx"; String[] passwords = new string[24]; passwords[0] = "pass"; Management.KeyCertificate.iControl.ManagementKeyCertificate iControl = new Management.KeyCertificate.iControl.ManagementKeyCertificate(); iControl.Url = "https://bigip/iControl/iControlPortal.cgi"; iControl.Credentials = creds; iControl.pkcs12_import_from_file(Management.KeyCertificate.iControl.ManagementKeyCertificateManagementModeType.MANAGEMENT_MODE_WEBSERVER, ids, file_names, passwords, false); - Philip_LI switched the string to /tmp/chut.pfx and uploaded the cert to the ltm and the script completed. However, nothing showed up so it looks like the script completed without error but did not actually do anything.
