Forum Discussion

GavinW_29074's avatar
Icon for Nimbostratus rankNimbostratus
Oct 31, 2011

TMSH 'Install Cert' option from iApp...

Hi there



I'm trying to create an iApp to stream-line our application deployment.



One of the essential features is going to be the ability to install existing server key pairs...



I've found the 'install cert...' tmsh command, however I was wondering if there is a scripting equivalent...



I cant see it documented on the following page: - however I'm hoping that's just a documentation over-sight...



Any ideas???







5 Replies

  • Mark_Crosland_2's avatar
    Historic F5 Account
    Unfortunately it appears to be a code over-sight. An issue has been logged.



    A work around may be to use the Tcl exec command to run the command from within the iApp.



    exec /usr/bin/tmsh install sys crypto cert ...
  • Mark



    Cheers for the update.



    Will give it a go... Next question is how do I get the cert to the command... Guess a temp file would be best, but can I create that from a text box in the iApp screen?



  • Brent_Blood_768's avatar
    Historic F5 Account
    Mark's workaround would probably work, but I think what you probably want is to use the "file" feature. I covered how to use this to solve your problem in another thread here.



    If you do decide to exec tmsh from within an iApp, be aware of the following: the implementation script of an iApp runs as a transaction so that it either all succeeds or it fails. If you exec tmsh from within that, changes made through such a manner will not be captured by the iApps transaction - so it would be possible to modify your system if the iApp runs into a problem and that modification wouldn't be rolled back.







  • Brent



    Cheers for the update. Your option looks appealing...



    Any pointers on how to create the temp file from a text box on the iApp screen???



  • Brent_Blood_768's avatar
    Historic F5 Account
    There's a related discussion in the iApp forum where we're handling answering this. For anyone following along to this thread, you'll be interested in this for subsequent posts.