Forum Discussion

Francois_LAGANT's avatar
Francois_LAGANT
Icon for Nimbostratus rankNimbostratus
Aug 24, 2022

API REST error 400

Hello,
I try to download an ssl certificate via the REST APIs /mgmt/tm/sys/crypto/cert from f5 but I always get the following response:

 

curl -sk -H "X-F5-Auth-Token: XXXXXX" https://x.x.x.x/mgmt/tm/sys/crypto/cert -H 'Content-Type: application/json' -d '{"command": "install","name":"testcsr","from-local-file":"/var/www/html/certs/certificates/files/test_certificate.pem"}'
{"code":400,"message":"Unable to copy (/var/www/html/certs/certificats/files/test_certificate.pem) into tempfile (/var/system/tmp/tmsh/LmjqSd/test_certificate.pem), No such file or directory","errorStack":[],"apiError":26214401}

 

with the API /mgmt/tm/sys/crypto/key it's the same

 

curl -sk -H "X-F5-Auth-Token: XXXXXX" https://x.x.x.x/mgmt/tm/sys/crypto/key -H 'Content-Type: application/json' -d '{"command": "install","name":"testpriv","from-local-file":"/var/www/html/certs/certificates/files/test_priv_key.pem"}'
{"code":400,"message":"Unable to copy (/var/www/html/certs/certificats/files/test_priv_key.pem) into tempfile (/var/system/tmp/tmsh/qbfN77/test_priv_key.pem)

 

However, the upload function works correctly:

 

curl -sk -H "X-F5-Auth-Token: XXXXXX" https://x.x.x.x/mgmt/shared/file-transfer/uploads/test_certificate.pem -H 'Content-Type: application/octet-stream' -H 'Content-Range: 0-2060/2061' -H 'Connection: Close' --data-binary @/var/www/html/certs/certificates/files/test_certificate.pem
{"remainingByteCount":0,"usedChunks":{"0":2061},"totalByteCount":2061,"localFilePath":"/var/config/rest/downloads/test_certificate.pem","temporaryFilePath":"/ var/config/rest/downloads/tmp/test_certificate.pem","generation":0,"lastUpdateMicros":1661351051400388}

 

But from this last command how can I create the certificate?
Thank you for your help

François

API REST cert
devops

6 Replies

Sort By
  • Francois_LAGANT's avatar
    Francois_LAGANT
    Icon for Nimbostratus rankNimbostratus
    Aug 25, 2022

    Hello JRahm
    Thank you for your answer but it does not work, I have another error.
    Test done via curl and via python.

     

    curl -sk -H "X-F5-Auth-Token: XXXXXX" -X POST https://x.x.x.x/mgmt/tm/sys/file/ssl-cert -H 'Content-Type: application/json' -d '{"name":"testcsr","partition": "Common","sourcePath":"/var/www/html/certs/certificats/files/test_certificate.pem"}'
    {
  "code": 400,
  "message": "Failed! exit_code (3).\n",
  "errorStack": [],
  "apiError": 26214401
}
    from f5.bigip import ManagementRoot
# Connect to the BIG-IP
mgmt = ManagementRoot("x.x.x.x", "admin", "admin")
cert = mgmt.tm.sys.file.ssl_certs.ssl_cert.create(name='test_cert', sourcePath='/var/www/html/certs/certificats/files/test_certificate.pem')
    Traceback (most recent call last):
  File "/root/test-f5-api.py", line 22, in <module>
    cert = mgmt.tm.sys.file.ssl_certs.ssl_cert.create(name='test_cert', sourcePath='/var/www/html/certs/certificats/files/test_certificate.pem')
  File "/root/f5-common-python/f5/bigip/resource.py", line 1053, in create
    return self._create(**kwargs)
  File "/root/f5-common-python/f5/bigip/resource.py", line 1015, in _create
    response = session.post(_create_uri, json=kwargs, **requests_params)
  File "/usr/local/lib/python3.9/site-packages/icontrol/session.py", line 295, in wrapper
    raise iControlUnexpectedHTTPError(error_message, response=response)
icontrol.exceptions.iControlUnexpectedHTTPError: 400 Unexpected Error: Bad Request for uri: https://x.x.x.x:443/mgmt/tm/sys/file/ssl-cert/
Text: '{"code":400,"message":"Failed! exit_code (3).\\n","errorStack":[],"apiError":26214401}'

     

    Do you have a working example?
    Test carried out on an F5 in version 13.1.5 and in version 14.1.4.6 with the same result.

    • Francois_LAGANT's avatar
      Francois_LAGANT
      Icon for Nimbostratus rankNimbostratus
      Aug 25, 2022

      I saw on a devcentral post that it was necessary to add file: to the pathfile.

       

      curl -sku admin:admin -X POST https://x.x.x.x/mgmt/tm/sys/file/ssl-cert -H 'Content-Type: application/json' -d '{"name":"testcsr.crt","partition": "Common","sourcePath":"file:/var/www/html/certs/certificats/files/test_certificate.pem"}'
      {
  "code": 400,
  "message": "Failed! exit_code (37).\n",
  "errorStack": [],
  "apiError": 26214401
}
      from f5.bigip import ManagementRoot

# Connect to the BIG-IP
mgmt = ManagementRoot("x.x.x.x", "admin", "admin")
cert = mgmt.tm.sys.file.ssl_certs.ssl_cert.create(name='test_cert', sourcePath='file:/var/www/html/certs/certificats/files/test_certificate.pem')
      Traceback (most recent call last):
  File "/root/test-f5-api.py", line 22, in <module>
    cert = mgmt.tm.sys.file.ssl_certs.ssl_cert.create(name='test_cert', sourcePath='file:/var/www/html/certs/certificats/files/test_certificate.pem')
  File "/root/f5-common-python/f5/bigip/resource.py", line 1053, in create
    return self._create(**kwargs)
  File "/root/f5-common-python/f5/bigip/resource.py", line 1015, in _create
    response = session.post(_create_uri, json=kwargs, **requests_params)
  File "/usr/local/lib/python3.9/site-packages/icontrol/session.py", line 295, in wrapper
    raise iControlUnexpectedHTTPError(error_message, response=response)
icontrol.exceptions.iControlUnexpectedHTTPError: 400 Unexpected Error: Bad Request for uri: https://lbaind2itvpx101-adm.nor.fr.intraorange:443/mgmt/tm/sys/file/ssl-cert/
Text: '{"code":400,"message":"Failed! exit_code (37).\\n","errorStack":[],"apiError":26214401}'

       

      it would be a problem of rights or other API but I don't know where?

      • JRahm's avatar
        JRahm
        Icon for Admin rankAdmin
        Aug 25, 2022

        Looks like you're missing a letter in certificates in your source file path on quick glance.

        on my phone with a break in daddy duty...can dig in a little later this morning once little man gets to preschool.