Forum Discussion
Aravind
Nimbostratus
NimbostratusPatching additional TLS certificate to the existing virtual server
Hi, I am New to AS3. tried following json file to patch the new TLS certificate to the existing virtual server however its not working. can you let me know what is the correct procedure ? {
"cl...
AravindNimbostratus
Nimbostratusafter a little bit tweaking in the json file, i could see the new certificate and ssl profile is created in F5 however the association to the virtual server is not happening. following is the updated json file.
{
"class": "AS3",
"action": "patch",
"patchBody": [
{
"op": "add",
"path": "/tenant/Application/front-cert",
"value": {
"class": "TLS_Server",
"certificates": [
{
"certificate": "frontend-cert"
}
],
"ciphers": "DEFAULT"
}
},
{
"op": "add",
"path": "/tenant/Application/frontend-cert",
"value": {
"class": "Certificate",
"certificate": "-----BEGIN CERTIFICATE-----ffddedddd---END CERTIFICATE-----\n",
"privateKey": "-----BEGIN PRIVATE KEY-----ffdddeeessddd-----END PRIVATE KEY-----\n"
},
"Application":{
"class": "Application",
"private-vip-0.4": {
"layer4": "tcp",
"class": "Service_HTTPS",
"serverTLS": "front-cert",
"shareAddresses": true,
"virtualAddresses": [
"192.168.1.x"
]
}
}
}
]
}I guess, by default this parameter is enabled " default SSL profile for SNI" in TLS_Server profile. due to this, the new ssl profile is not associated. tried looking at the api document for this parameter but could not find the specific key.