Forum Discussion
Unable to extract key information from \"/config/filestore/files_d/partition_d/ to /var/system/tmp/t
- Feb 14, 2022
Have you tried using the DELETE method on the existing CSR, rather than deleting it using tmsh? The iControlREST API for /tm/sys/crypto/csr appears to support that method.
- Feb 15, 2022
oh! yes I understood the process.
to Renew the csr and keep the same key and cert, delete the csr and create a new one :
1) delete the old CSR:
csr1 = mgmt.tm.sys.file.ssl_csrs.ssl_csr.load(name=csr_found['name'], partition=partition_name)
csr1.delete()2) create a new one, by specifying the key location
csr = mgmt.tm.util.bash.exec_cmd('run',
utilCmdArgs=f"-c 'tmsh create sys crypto csr /{name[1]}/{name[2]} "
f"admin-email-address \"{email}\" "
f"city \"{cert_found['city']}\" "
f"common-name \"{name[2]}\" "
f"country \"{cert_found['country']}\" "
f"email-address \"{email}\" "
f"key \"{key_found['name']}\" "
f"organization \"{cert_found['organization']}\" "
f"state \"{cert_found['state']}\" "
f"subject-alternative-name \"{cert_found['subjectAlternativeName']}\" "
f"'")Thank you VernonWells
Have you tried using the DELETE method on the existing CSR, rather than deleting it using tmsh? The iControlREST API for /tm/sys/crypto/csr appears to support that method.
oh! yes I understood the process.
to Renew the csr and keep the same key and cert, delete the csr and create a new one :
1) delete the old CSR:
csr1 = mgmt.tm.sys.file.ssl_csrs.ssl_csr.load(name=csr_found['name'], partition=partition_name)
csr1.delete()
2) create a new one, by specifying the key location
csr = mgmt.tm.util.bash.exec_cmd('run',
utilCmdArgs=f"-c 'tmsh create sys crypto csr /{name[1]}/{name[2]} "
f"admin-email-address \"{email}\" "
f"city \"{cert_found['city']}\" "
f"common-name \"{name[2]}\" "
f"country \"{cert_found['country']}\" "
f"email-address \"{email}\" "
f"key \"{key_found['name']}\" "
f"organization \"{cert_found['organization']}\" "
f"state \"{cert_found['state']}\" "
f"subject-alternative-name \"{cert_found['subjectAlternativeName']}\" "
f"'")
Thank you VernonWells
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com