Vincent_Li_9688
May 22, 2012Historic F5 Account
How to upload cert through Management :: KeyCertificate :: certificate_import_from_file
Hi ,
I adopted the Perl Certificate Info script https://devcentral.f5.com/wiki/iControl.PlCertificateInfo.ashx, and attempt to add new feature like uploading certificate to BIGIP according to https://devcentral.f5.com/wiki/iControl.Management__KeyCertificate__certificate_import_from_file.ashx, sample code below, the script is not working and there is no error reports, anyone can shed some light on what's going on?
use SOAP::Lite;
use MIME::Base64;
use Math::BigInt;
BEGIN { push (@INC, ".."); }
use iControlTypeCast;
----------------------------------------------------------------------------
Validate Arguments
----------------------------------------------------------------------------
my $sHost = $ARGV[0];
my $sPort = $ARGV[1];
my $sUID = $ARGV[2];
my $sPWD = $ARGV[3];
my $sCommand = $ARGV[4];
my $sProtocol = "https";
my $sMode = "MANAGEMENT_MODE_DEFAULT";
my $sCert_ids = "vli_cert";
my $sFile_names = "/home/vincent/vli_webselfsigncrt.pem"; <==where cert stored in my local linux
if ( ("80" eq $sPort) or ("8080" eq $sPort) )
{
$sProtocol = "http";
}
if ( ($sHost eq "") or ($sPort eq "") or ($sUID eq "") or ($sPWD eq "") )
{
&usage();
}
sub usage()
{
my ($sCmd) = @_;
print "Usage: CertAdmin.pl host port uid pwd command [options]\n";
print " -----------------------------------------------------------\n";
if ( ($sCmd eq "") or ($sCmd eq "upload") )
{
print " upload - upload certificate\n";
}
if ( ($sCmd eq "") or ($sCmd eq "info") )
{
print " info - List certificate info\n";
}
if ( ($sCmd eq "") or ($sCmd eq "version") )
{
print " version - Gets the version of this interface\n";
}
exit();
}
----------------------------------------------------------------------------
Transport Information
----------------------------------------------------------------------------
sub SOAP::Transport::HTTP::Client::get_basic_credentials
{
return "$sUID" => "$sPWD";
}
$KeyCertificate = SOAP::Lite
-> uri('urn:iControl:Management/KeyCertificate')
-> proxy("$sProtocol://$sHost:$sPort/iControl/iControlPortal.cgi");
eval { $KeyCertificate->transport->http_request->header
(
'Authorization' =>
'Basic ' . MIME::Base64::encode("$sUID:$sPWD", '')
); };
if ( $sCommand eq "upload" )
{
&UPLoadCert($sMode);
}
elsif ( $sCommand eq "info" )
{
&GetCertInfo($sMode);;
}
elsif ( $sCommand eq "version" )
{
&handle_version();
}
else
{
&usage();
}
sub UPLoadCert()
{
my $mode = (@_);
$soapResponse = $KeyCertificate->certificate_import_from_file(
SOAP::Data->name(mode => $sMode),
SOAP::Data->name(cert_ids => $sCert_ids),
SOAP::Data->name(file_names => $sFile_names),
SOAP::Data->name(overwrite => 1),
);
&checkResponse($soapResponse);
}
sub GetCertInfo()
{
my ($mode) = (@_);
$soapResponse = $KeyCertificate->get_certificate_list(
SOAP::Data->name(mode => $mode)
);
............SNIP......
}
so if I run "./CertAdmin.pl host port user pass info", it work fine to list existing cert info
but if I run "./CertAdmin host port user pass upload", no errors, but nothing happens to the cert uploading, the function certificate_import_from_file() is bit unclear on where to put the originate certificate, on local box or on bigip.
Vincent