Forum Discussion
Satoshi_Toyosa1
Jan 24, 2018Employee
Looks like there is no direct iContrl REST API for Device Certificate (to my knowledge), however, as described in K6353: Updating an SSL device certificate on a BIG-IP system, we can manipulate it in the command line by using the
openssl
utility. That means we can do the same via the /mgmt/tm/util/bash
endpoint as below.
curl -sku admin: https:///mgmt/tm/util/bash \
-H "Content-Type: application/json" -X POST \
-d "{\"command\":\"run\", \"utilCmdArgs\": \"-c 'openssl x509 -text -in /config/httpd/conf/ssl.crt/server.crt'\"}" \
| sed 's/\\n/\n/g' | grep "Not After"
Example output:
Not After : Sep 25 01:32:16 2027 GMT
Not elegant, but it does the job. What do you think?