Forum Discussion
NetSnoopy
Cirrus
CirrusCreate client-ssl profile with tmsh error
Hello, i want to add a mass profile creation with tmsh. But always i get the error
010717e3:3: Client SSL profile must have RSA certificate/key pair.create ltm profile client-ssl /Part_123/clientssl_123.xyz.com_1 { app-service none cert /Part_123/clientssl_123.xyz.com_1.crt cert-key-chain add { clientssl_123.xyz.com_1 { cert /Part_123/clientssl_123.xyz.com_1.crt key /Part_123/clientssl_123.xyz.com_1.key chain /Common/Int-CA.crt }} chain /Common/Int-CA.crt key /Part_123/clientssl_123.xyz.com_1.key defaults-from /Common/clientssl_onlyECDHE server-name 123.xyz.com }All partitions and cert and so one exist. I hope you can help me. Cheers
3 Replies
Jad_Tabbara__J1Cirrostratus
Hello,
Try to use the command in the following order
create ltm profile client-ssl clientssl-profile-name { cert your_cert.crt key your_cert.key chain theChainCert.crt }I tried it on my lab it works
Regards
Ilian_IvanovNimbostratus
Hi,
You can try with:
create ltm profile client-ssl /Part_123/clientssl_123.xyz.com_1 app-service none cert /Part_123/clientssl_123.xyz.com_1.crt key /Part_123/clientssl_123.xyz.com_1.key chain /Common/Int-CA.crt defaults-from /Common/clientssl_onlyECDHE server-name 123.xyz.comRegards
Greetings,
Do you have an RSA key / cert pair associated or is the current pair ECC, DES, etc?"RSA - a public key encryption algorithm. The SSL profile requires an RSA certificate/key pair."
https://support.f5.com/csp/article/K15062
Kevin
