Forum Discussion

gtsg86's avatar
gtsg86
Icon for Altostratus rankAltostratus
Feb 07, 2022

Unable to extract key information from \"/config/filestore/files_d/partition_d/ to /var/system/tmp/t

Hi, I am trying to create a csr from an existing key  using: device = bigip.BIGIP(lb,uname,pwd) csr_created = device.create(f'/mgmt/tm/sys/crypto/csr', csr_o) where csr is : csr_o = {'name': f'/...
  • VernonWells's avatar
    Feb 14, 2022

    Have you tried using the DELETE method on the existing CSR, rather than deleting it using tmsh?  The iControlREST API for /tm/sys/crypto/csr appears to support that method.

  • gtsg86's avatar
    gtsg86
    Feb 15, 2022

    oh! yes I understood the process.

    to Renew the csr and keep the same key and cert,  delete the csr and create a new one :

    1) delete the old CSR:

    csr1 = mgmt.tm.sys.file.ssl_csrs.ssl_csr.load(name=csr_found['name'], partition=partition_name)
    csr1.delete()

    2) create a new one,  by specifying the key location

    csr = mgmt.tm.util.bash.exec_cmd('run',
    utilCmdArgs=f"-c 'tmsh create sys crypto csr /{name[1]}/{name[2]} "
    f"admin-email-address \"{email}\" "
    f"city \"{cert_found['city']}\" "
    f"common-name \"{name[2]}\" "
    f"country \"{cert_found['country']}\" "
    f"email-address \"{email}\" "
    f"key \"{key_found['name']}\" "
    f"organization \"{cert_found['organization']}\" "
    f"state \"{cert_found['state']}\" "
    f"subject-alternative-name \"{cert_found['subjectAlternativeName']}\" "
    f"'")

     

    Thank you VernonWells