Forum Discussion
Josh_Becigneul_
Nimbostratus
NimbostratusUpload SSL certificate/key via REST API
Hello All,
Looking to see if anyone knows of a method of uploading certs and keys to a BIGIP unit, using a method similar to the following example, but using REST instead of the SOAP API.
Example:
puts bigip["Management.KeyCertificate"].certificate_import_from_pem('MANAGEMENT_MODE_DEFAULT', [ cert['cert_name'] ], [ File.open(cert['cert_file']).read ], true)
puts bigip["Management.KeyCertificate"].key_import_from_pem('MANAGEMENT_MODE_DEFAULT', [ cert['cert_name'] ], [ File.open(cert['key_file']).read ], true)
Thanks!
Andrew_HuskingCirrus
I believe this was answered here:
https://devcentral.f5.com/questions/upload-ssl-keys-certs-via-icontrol-rest-api
Aha! Well, I did know about that method, but I was hoping to avoid the multiple steps needed to handle it.
Faintly_LuckyWell, that's why there are multiple interfaces and APIs. :)
I use both SOAP and REST in my scripts, sometimes even within the same sub-routine depending on what I find works best or is the most efficient. If you're dead set on using the REST API, then try using the equivalent of the Net::SCP::Expect module in Perl for whatever language (Python?) you're writing in to upload the files before running your post.
- JRahm
Admin
Here's an example to upload files via iControl REST with python.
Akash9920Hi Jason, can we upload a file to a specific folder? instead of the default location?
Brian_GibsonHi Jason,
Do you still have this python script?
- JRahm
you'll want something a little more foolhardy. That logic has been rolled into either the f5-common-python library (no longer maintained) or the newer bigrest library, which is actively being developed (but not by F5). Even so, I recommend the latter.
To do it with bigrest (untested but should be close):
from bigrest.bigip import BIGIP from pathlib import Path import sys def instantiate_bigip(host, user, password): try: obj = BIGIP(host, user, password) except Exception as e: print(f"Failed to connect to {host} due to {type(e).__name__}:\n") print(f"{e}") sys.exit() return obj def upload_file(obj, filename): if Path(filename).suffix == ".iso": endpoint = "/mgmt/cm/autodeploy/software-image-uploads" else: endpoint = "/mgmt/shared/file-transfer-uploads" try: obj.upload(endpoint, filename) except Exception as e: print(f"Failed to upload {Path(filename).name} due to {type(e).__name__}:\n") print(f"{e}") sys.exit() if __name__ == "__main__": host = '1.1.1.1' user = 'admin' password = 'admin' f = '/path/to/your/file/file.xyz' b = instantiate_bigip(host, user, password) upload_file(f)You can add argparse to take arguments instead of hardcoding the file and bigip details, or set them as environment variables and include them that way. Obviously not secure to keep credentials this way.
no3am_307596I'm looking to do the same in python, but using the SDK? any reference for that?
