Export a FIPS based CSR (Certificate Signing Request) via iControl

Doesn't really matter if its fips or not. The only thing stored in the HSM on a FIPs device is the key material (assuming you flag it as fips).

I couldn't find any obvious way to get the CSR via native iControl, but this worked:

curl -sk -u 'admin:admin' -H "Content-Type: application/json" -X POST https://localhost/mgmt/tm/util/bash -d "{\"command\":\"run\",\"utilCmdArgs\":\"-c 'tmsh list sys crypto csr test.csr'\"}" | python -m json.tool
{
    "command": "run",
    "commandResult": "-----BEGIN CERTIFICATE REQUEST-----\nMIICezCCAWMCAQAwJTELMAkGA1UEBhMCVVMxFjAUBgNVBAMTDXJlc3QudGVzdC5j\nb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTs/cs077ZO1kg0CEQ\nO0OOHBCbEKB2TVkVDDyMrdM0LfCApfFbzPIy6/cBeMeqGUFjId/9zHcW3nz1c5kf\nDUoiForim/v0NUoRPYSWxkbLcnlsCVxmHdMJidWPYf6XA5zV2vbEEMuksckwqdpW\nw58QQkcx8RU04OgSO7XVGJNgp59S2xwYRw8Lio7VjPq6Ut7S1o/+2EeRSa/R9Y0O\nTIO11eOsXwk56/D3wPTeG+WXLIqcu+O+bLyIC7JX6f3oV8X6Jc5GVLqOALce04t2\nalbeGbsr9GPNi4Cxo3TixnnW5IQC3FqznNSZ5I1e995KOE+lzFajbMUDtE/K2tD3\nLL6zAgMBAAGgETAPBgkqhkiG9w0BCQ4xAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQBt\n1MOQMyT0mFh0iCTEYnaVdsYomEcpu+/bIwmhjub/xgNDXSiOGwmugz30l0U9ZBPG\nHV6I7uxpjNjq9kReLYJNkg2sbhksehpFG4bq2NGpqRIWyYUVmndKYSOd03hIMnpW\n3+/OELGh+97N/lMZF+dnkxrlEsOD2b/aHjouN9RF7qt6S7YLIaOH0FY38Bh/mYsQ\nyIchf+L3pTOLdSZt4RameoKvrDco0yKs3/Yvwf71WE5neXFzQGR8E9225n674Cvi\nAEzH1d3VCjDVKhLuIoCR7H9Li8zPD6MDQZ+dnJReYWMcjXvQCC2i7t3N5Kg5m4ea\nGa41LAZ2+tJ+eaAY0s7Z\n-----END CERTIFICATE REQUEST-----\nsys crypto csr test.csr {\n    challenge-password\n    city\n    common-name rest.test.com\n    country US\n    email-address\n    key-size 2048\n    organization\n    ou\n    public-key-type RSA\n    state\n    subject-alternative-name\n}\n",
    "kind": "tm:util:bash:runstate",
    "utilCmdArgs": "-c 'tmsh list sys crypto csr test.csr'"
}