I have a number of health monitors which require a certificate to be presented to the end device. A certificate & key have been imported using the GUI under System > File Management > SSL Certificate List. The "container" name for these these has been specified against "Client Certificate" and "Client Key" within the health monitors. This is working OK.
My question is how can I do a manual check using curl before deploying new health monitors - i.e. if I want to run a check against a new end server to confirm it is replying OK before I actually configure anything on the LTM, how can I make this check using curl? I tried to specify the existing certificate & key as stored in the LTM file structure using the following command:
curl -v -k --key // --cert // https://
but I get an error back - "curl: (58) unable to use client certificate (no key found or wrong pass phrase?)"
The syntax should be
curl -vk --cert [path to cert] --key [path to key] https://something...
I'm not sure that cURL supports a passphrase-enabled private key. You may also need to copy the cert and key to a local place and rename them. Is the key in FIPS by any chance?
I know this is an old post, but could you fix this? I am trying to configure an https monitor by using a server profile, and I am not able to make it works.
Trying to make a curl to debug the output, I am getting
curl: (58) could not load PEM client certificate, OpenSSL error error:0906D06C:PEM routines:PEM_read_bio:no start line, (no key found, wrong pass phrase, or wrong file format?)