Forum Discussion

Josh_Becigneul_'s avatar
Icon for Nimbostratus rankNimbostratus
Oct 22, 2014

Upload SSL certificate/key via REST API

Hello All,

Looking to see if anyone knows of a method of uploading certs and keys to a BIGIP unit, using a method similar to the following example, but using REST instead of the SOAP API.


  puts bigip["Management.KeyCertificate"].certificate_import_from_pem('MANAGEMENT_MODE_DEFAULT', [ cert['cert_name'] ], [['cert_file']).read ], true)
  puts bigip["Management.KeyCertificate"].key_import_from_pem('MANAGEMENT_MODE_DEFAULT', [ cert['cert_name'] ], [['key_file']).read ], true)


10 Replies

  • I'm looking to do the same in python, but using the SDK? any reference for that?


      • JRahm's avatar
        Icon for Admin rankAdmin

        you'll want something a little more foolhardy. That logic has been rolled into either the f5-common-python library (no longer maintained) or the newer bigrest library, which is actively being developed (but not by F5). Even so, I recommend the latter.

        Original Script

        To do it with bigrest (untested but should be close):

        from bigrest.bigip import BIGIP
        from pathlib import Path
        import sys
        def instantiate_bigip(host, user, password):
                obj = BIGIP(host, user, password)
            except Exception as e:
                print(f"Failed to connect to {host} due to {type(e).__name__}:\n")
            return obj
        def upload_file(obj, filename):
            if Path(filename).suffix == ".iso":
                endpoint = "/mgmt/cm/autodeploy/software-image-uploads"
                endpoint = "/mgmt/shared/file-transfer-uploads"
                obj.upload(endpoint, filename)
            except Exception as e:
                print(f"Failed to upload {Path(filename).name} due to {type(e).__name__}:\n")
        if __name__ == "__main__":
            host = ''
            user = 'admin'
            password = 'admin'
            f = '/path/to/your/file/'
            b = instantiate_bigip(host, user, password)

         You can add argparse to take arguments instead of hardcoding the file and bigip details, or set them as environment variables and include them that way. Obviously not secure to keep credentials this way.

    • Akash9920's avatar
      Icon for Nimbostratus rankNimbostratus

      Hi Jason, can we upload a file to a specific folder? instead of the default location?

  • Well, that's why there are multiple interfaces and APIs. :)


    I use both SOAP and REST in my scripts, sometimes even within the same sub-routine depending on what I find works best or is the most efficient. If you're dead set on using the REST API, then try using the equivalent of the Net::SCP::Expect module in Perl for whatever language (Python?) you're writing in to upload the files before running your post.


  • Aha! Well, I did know about that method, but I was hoping to avoid the multiple steps needed to handle it.


  • I believe this was answered here: