Forum Discussion
Aravind
Sep 01, 2021Nimbostratus
after a little bit tweaking in the json file, i could see the new certificate and ssl profile is created in F5 however the association to the virtual server is not happening. following is the updated json file.
{
"class": "AS3",
"action": "patch",
"patchBody": [
{
"op": "add",
"path": "/tenant/Application/front-cert",
"value": {
"class": "TLS_Server",
"certificates": [
{
"certificate": "frontend-cert"
}
],
"ciphers": "DEFAULT"
}
},
{
"op": "add",
"path": "/tenant/Application/frontend-cert",
"value": {
"class": "Certificate",
"certificate": "-----BEGIN CERTIFICATE-----ffddedddd---END CERTIFICATE-----\n",
"privateKey": "-----BEGIN PRIVATE KEY-----ffdddeeessddd-----END PRIVATE KEY-----\n"
},
"Application":{
"class": "Application",
"private-vip-0.4": {
"layer4": "tcp",
"class": "Service_HTTPS",
"serverTLS": "front-cert",
"shareAddresses": true,
"virtualAddresses": [
"192.168.1.x"
]
}
}
}
]
}
I guess, by default this parameter is enabled " default SSL profile for SNI" in TLS_Server profile. due to this, the new ssl profile is not associated. tried looking at the api document for this parameter but could not find the specific key.