Forum Discussion

Nimbostratus

Jan 17, 2018

Rest API - Device certificate URL

I wanted to retrieve server certificate(path: System--> Device Certificates--> Device Certificate) expiry information via iControl REST API. can some one provide me API url ?

Employee

Jan 24, 2018

Looks like there is no direct iContrl REST API for Device Certificate (to my knowledge), however, as described in K6353: Updating an SSL device certificate on a BIG-IP system, we can manipulate it in the command line by using the

openssl

utility. That means we can do the same via the

/mgmt/tm/util/bash

endpoint as below.

    curl -sku admin: https:///mgmt/tm/util/bash \
       -H "Content-Type: application/json" -X POST \
       -d "{\"command\":\"run\", \"utilCmdArgs\": \"-c 'openssl x509 -text -in /config/httpd/conf/ssl.crt/server.crt'\"}" \
     | sed 's/\\n/\n/g' | grep "Not After"

Example output:

Not After : Sep 25 01:32:16 2027 GMT

Not elegant, but it does the job. What do you think?

Forum Discussion

Rest API - Device certificate URL

Recent Discussions

rSeries and tenant upgrades

redirect not working

cat and grep command for rst messages

iRule resulting in too many redirects

When F5OS r2800 appliance reboots, interfaces configured at tenant level for VLAN are lost

Related Content

unsupported certificate error with device certificates

Beyond REST: Protecting GraphQL

Creating device trust / trust-domain through iControl REST Call(s)

TLSv1.0 and TLSv1.1 disable in Device Certificate

Device certificate Issuer and other information not updating on the browser's certificate details