F5 Python SDK - list certificates on device results in error

To clarify this is an error returned as part of the REST request, not really related to the SDK. I am able to get the other subcollections, such as a list of the keys, fine. Only the certs subcollection results in this error.

API guide indicates possible reasons for a 400 error are a malformed request or incorrect name in request. I confirmed the name with the parent collection (crypto), and requesting in the same manner as done for the keys subcollection. Not sure what is going wrong with listing the cert subcollection.

>>> crypto = session.get('https:///mgmt/tm/sys/crypto')

>>> print(crypto.text)

{"kind":"tm:sys:crypto:cryptocollectionstate","selfLink":";:[{"reference":{"link":";}},{"reference":{"link":";}},{"reference":{"link":";}},{"reference":{"link":";}},{"reference":{"link":";}},{"reference":{"link":";}},{"reference":{"link":";}}]}

>>> cert = session.get("https:///mgmt/tm/sys/crypto/cert?ver=12.1.1")

>>> print(cert.text)

{"code":400,"message":"Key management library returned bad status: -4, Invalid Parameter","errorStack":[],"apiError":26214401}

Perhaps I was at the wrong endpoint: I can get the list from /mgmt/tm/sys/file/ssl-cert. The number of object here matches the number from TMSH 'show sys crypto cert'.

I could get the class:

certificates = session.tm.sys.crypto.certs.get_collection()

 Then you can iterate through it and get the list.

{'_meta_data': {'allowed_commands': [],
'allowed_lazy_attributes': [<class 'f5.bigip.resource.Stats'>],
'bigip': <f5.bigip.ManagementRoot object at 0x000001E2405E39D0>,
'container': <f5.bigip.tm.sys.crypto.Certs object at 0x000001E25450A8C0>,
'creation_uri_frag': '',
'creation_uri_qargs': {'ver': ['15.1.5.1']},
'exclusive_attributes': [],
'icontrol_version': '',
'icr_session': <icontrol.session.iControlRESTSession object at 0x000001E252664880>,
'minimum_additional_parameters': set(),
'minimum_version': '11.5.0',
'object_has_stats': True,
'read_only_attributes': [],
'reduction_forcing_pairs': [('enabled', 'disabled'),
('online', 'offline'),
('vlansEnabled', 'vlansDisabled')],
'required_command_parameters': set(),
'required_creation_parameters': {'name'},
'required_json_kind': 'tm:sys:crypto:cert:certstate',
'required_load_parameters': {'name'},
'uri': 'https://10.71.199.18:443/mgmt/tm/sys/crypto/cert/~Common~f5-irule.crt/'},
'apiRawValues': {'certificateKeySize': '2048',
'expiration': 'Jul 18 21:00:13 2027 GMT',
'issuer': 'emailAddress=support@f5.com,CN=support.f5.com,OU=Product '
'Development,O=F5 '
'Networks,L=Seattle,ST=Washington,C=US',
'publicKeyType': 'RSA'},
'certValidatorsReference': {'isSubcollection': True,
'link': 'https://localhost/mgmt/tm/sys/crypto/cert/~Common~f5-irule.crt/cert-validators?ver=15.1.5.1'},
'city': 'Seattle',
'commonName': 'support.f5.com',
'country': 'US',
'emailAddress': 'support@f5.com',
'fingerprint': 'SHA256/AC:08:EA:3F:0E:AC:C8:DD:A2:2A:7D:AA:73:02:86:1E:1F:38:51:4A:80:D3:E6:AE:4E:6B:01:0C:68:FF:18:D2',
'fullPath': '/Common/f5-irule.crt',
'generation': 1,
'kind': 'tm:sys:crypto:cert:certstate',
'name': '/Common/f5-irule.crt',
'organization': 'F5 Networks',
'ou': 'Product Development',
'selfLink': 'https://localhost/mgmt/tm/sys/crypto/cert/~Common~f5-irule.crt?ver=15.1.5.1',
'state': 'Washington'}