Management::KeyCertificate¶
Methods¶
Method | Description | Introduced |
add_certificate_validator | Adds/associates certificate validators to the specified certificates. If a certificate is associated with a certificate validator and it&aposs certificate status validation option is set accordingly (using set_certificate_status_validation_options), then the certificate&aposs status will be monitored and updated by the certificate validator. | BIG-IP_v13.0.0 |
certificate_add_file_to_bundle | Adds certificates identified by “certificate_files” to the certificate bundles, which are presumed to exist already. Each of the original certificate bundle can theoretically be a normal certificate, i.e. a certificate bundle of one. After the add operation, the bundles will contain more than one certificate. | BIG-IP_v9.2.0 |
certificate_add_pem_to_bundle | Adds certificates identified by “pem_data” to the certificate bundles, which are presumed to exist already. Each of the original certificate bundle can theoretically be a normal certificate, i.e. a certificate bundle of one. After the add operation, the bundles will contain more than one certificate. | BIG-IP_v9.2.0 |
certificate_bind | Binds/associates the specified keys and certificates. | BIG-IP_v9.0 |
certificate_check_validity | Gets the validity of the specified certificates. | BIG-IP_v9.0 |
certificate_delete | Deletes/uninstalls the specified certificates. | BIG-IP_v9.0 |
certificate_delete_from_bundle | Deletes certificates, identified by their subject&aposs X509 data, from the certificate bundles. If the last certificate has been deleted from the bundle, the certificate file will automatically be deleted. | BIG-IP_v9.2.0 |
certificate_delete_from_bundle_by_serial_number | Deletes certificates identified by serial number and issuer&aposs X509 data from certificate bundles. If the last certificate has been deleted from the bundle, the certificate file will automatically be deleted. | BIG-IP_v11.4.0 |
certificate_export_to_file | Exports the specified certificates to the given files. | BIG-IP_v9.0 |
certificate_export_to_pem | Exports the specified certificates to PEM-formatted data. | BIG-IP_v9.0 |
certificate_generate | Generates the specified certificates. This assumes that each of the associated keys, having the same identification as each certificate, has already been created. | BIG-IP_v9.0 |
certificate_generate_with_extensions | Generates certificates with the specified certificate extensions. The associated keys, having the same identification as each certificate, must be created before creating certificates. | BIG-IP_v12.0.0 |
certificate_import_from_file | Imports/installs the specified certificates from the given files. | BIG-IP_v9.0 |
certificate_import_from_pem | Imports/installs the specified certificates from the given PEM-formatted data. | BIG-IP_v9.0 |
certificate_request_delete | Deletes the specified CSRs. | BIG-IP_v9.0 |
certificate_request_export_to_file | Exports the specified certificate requests to the given files. | BIG-IP_v9.0 |
certificate_request_export_to_pem | Exports the specified certificate requests to PEM-formatted data. | BIG-IP_v9.0 |
certificate_request_generate | Generates the specified certificate signing requests. This assumes that each of the associated keys, having the same identification as each certificate request, has already been created. | BIG-IP_v9.0 |
certificate_request_generate_v2 | Generates the specified certificate signing requests. This assumes that each of the associated keys, having the same identification as each certificate request, has already been created. | BIG-IP_v13.0.0 |
certificate_request_generate_with_extensions | Generates certificate signing requests with the specified certificate extensions. The associated keys, having the same identification as each certificate request, must be created before creating certificate signing requests. | BIG-IP_v12.0.0 |
certificate_request_generate_with_extensions_v2 | Generates certificate signing requests with the specified certificate extensions. The associated keys, having the same identification as each certificate request, must be created before creating certificate signing requests. | BIG-IP_v13.0.0 |
certificate_request_import_from_file | Imports/installs the specified certificate requests from the given files. | BIG-IP_v9.0 |
certificate_request_import_from_pem | Imports/installs the specified certificate requests from the given PEM-formatted data. | BIG-IP_v9.0 |
export_all_to_archive_file | Exports all currently installed keys and certificates in the current session active folder into the specified archive file. The archive file is a .tgz file that will contain all keys and certificates. | BIG-IP_v9.0 |
export_all_to_archive_stream | Exports all currently installed keys and certificates in the current session active folder into the returned archive stream. The returned archive stream is basically the contents of a .tgz file that contains all keys and certificates. | BIG-IP_v9.0 |
export_to_archive_file | Exports the specified keys and certificates into the specified archive file. The archive file is a .tgz file that will contain only the specified keys and certificates that have been exported. | BIG-IP_v9.0 |
export_to_archive_stream | Exports the specified keys and certificates into the returned archive stream. The returned archive stream is basically the contents of a .tgz file that contains the exported keys and certificates. | BIG-IP_v9.0 |
get_certificate_bundle | Note that this method has been deprecated as of v11.5.0. Please use method get_certificate_bundle_v2. Gets the list of all certificates bundled in the certificate files as specified by the file_names. Each file_name will contain multiple certficates. | BIG-IP_v9.0 |
get_certificate_bundle_v2 | Gets the list of all certificates bundled in the certificate files as specified by the file_names. Each file_name will contain multiple certificates. This method also provides public-key curve name in the certificate. Note: only call this method when the results of get_certificate_list_v2 indicate that there are multiple certificates bundled in a particular file. | BIG-IP_v11.5.0 |
get_certificate_list | Note that this method has been deprecated as of v11.5.0. Please use method get_certificate_list_v2. Gets the list of all installed certificates and their information. If there&aposs a certificate bundle, only the first certificate in the bundle is returned, and is_bundle flag will be set to true for the correponding bundle file name. | BIG-IP_v9.0 |
get_certificate_list_v2 | Gets the list of all installed certificates and their information. If there&aposs a certificate bundle, only the first certificate in the bundle is returned, and and is_bundle flag will be set to true for the correponding bundle file name. | BIG-IP_v11.5.0 |
get_certificate_request_list | Note that this method has been deprecated as of v11.5.0. Please use method get_certificate_request_list_v2. Gets the list of all CSRs and their information. | BIG-IP_v9.0 |
get_certificate_request_list_v2 | Gets the list of all CSRs and their information. This method also includes public key curve information. | BIG-IP_v11.5.0 |
get_certificate_request_list_v3 | Gets the list of all CSRs and their information. This method also returns admin email and public key EC curve information. | BIG-IP_v13.0.0 |
get_certificate_request_subject_alternative_name | Gets the list of all certificate request subject alternative names in the certificate request file objects as specified by the files. | BIG-IP_v12.1.0 |
get_certificate_status_validation_options | Gets the status validation options for the specified certificates. | BIG-IP_v13.0.0 |
get_certificate_subject_alternative_name | Gets the list of all certificate subject alternative names in the certificate file objects as specified by the file_names. This method is for non-bundled certificates. For certificate bundles, use get_certificate_subject_alternative_name_bundle. | BIG-IP_v11.4.0 |
get_certificate_subject_alternative_name_bundle | Gets the list of all certificate subject alternative names bundled in the certificate files as specified by the file_names. Each file_name will contain multiple certficate subject alternative names. Note: only call this method when the results of get_certificate_list/get_certificate_list_v2 indicate that there are multiple certificates bundled in a particular file. | BIG-IP_v11.1.0 |
get_certificate_validation_status | Gets the validation status for the specified certificates. | BIG-IP_v13.0.0 |
get_certificate_validator | Gets the names of the certificate validators for the specified certificates. | BIG-IP_v13.0.0 |
get_issuer_certificate | Gets the issuer certificates for the specified certificates. | BIG-IP_v13.0.0 |
get_key_list | Note that this method has been deprecated as of v11.5.0. Please use method get_key_list_v2. Gets the list of all installed keys and their information. | BIG-IP_v9.0 |
get_key_list_v2 | Gets the list of all installed keys and their information. | BIG-IP_v11.5.0 |
get_valid_key_sizes | Gets a list of valid key sizes for specified key types. The valid key sizes are bit-lengths of keys that are supported by the system. For example, 1024 and 2048 mean 128-byte and 256-byte RSA key sizes. These sizes are used when generating or importing a key. | BIG-IP_v11.0.0 |
get_version | Gets the version information for this interface. | BIG-IP_v9.0 |
import_all_from_archive_file | Imports/installs all keys and certificates from the specified archive file into current session active folder. The archive file should be a .tgz file that contains all keys and certificates. | BIG-IP_v9.0 |
import_all_from_archive_stream | Imports/installs all keys and certificates from the incoming archive stream into current session active folder. The archive stream should be the contents of a .tgz file that contains all keys and certificates. | BIG-IP_v9.0 |
import_from_archive_file | Imports/installs the specified keys and certificates from the specified archive file. The archive file should be a .tgz file that may contain more keys and certificates than what will be imported/installed. | BIG-IP_v9.0 |
import_from_archive_stream | Imports/installs the specified keys and certificates from the incoming archive stream. The archive stream should be the contents of a .tgz file that may contain more keys and certificates than what will be imported/installed. | BIG-IP_v9.0 |
is_fips_available | Checks to see if the device supports FIPS security. | BIG-IP_v9.0 |
key_certificate_import_from_pem | Note: This method is intended for internal F5 use (hence, no guarantees are made about its operation or existence). Please use key_import_from_pem and certificate_import_from_pem for importing keys and certificates. Imports/installs the specified keys and certificates from the given PEM-formatted data. | BIG-IP_v11.5.0 |
key_delete | Deletes/uninstalls the specified keys. | BIG-IP_v9.0 |
key_export_to_file | Exports the specified keys to the given files. | BIG-IP_v9.0 |
key_export_to_pem | Exports the specified keys to PEM-formatted data. | BIG-IP_v9.0 |
key_generate | Note that this method has been deprecated as of v11.5.0. Please use method key_generate_v2. Generates the specified keys. | BIG-IP_v9.0 |
key_generate_v2 | Generates the specified keys. This method also supports generating EC keys/certificates. | BIG-IP_v11.5.0 |
key_import_from_file | Imports/installs the specified keys from the given files. | BIG-IP_v9.0 |
key_import_from_pem | Import/install of specified keys from PEM-formatted data can be done using key_import_from_pem_v2(), which provides an option to specify security type. Hence this method is deprecated. | BIG-IP_v9.0 |
key_import_from_pem_v2 | Imports/installs the specified keys from the given PEM-formatted data. | BIG-IP_v11.5.0 |
key_to_fips | Converts the specified keys to FIPS-enabled keys. | BIG-IP_v9.0 |
pkcs12_import_from_file | Note that this method has been deprecated as of v11.5.0. Please use method pkcs12_import_from_file_v2. Importing/installing pkcs12 (Public Key Cryptography Standard #12) files can be done using pkcs12_import_from_file_v2(), which provides an option to specify security type of the key. | BIG-IP_v9.0 |
pkcs12_import_from_file_v2 | Imports/installs the specified pkcs12 (Public Key Cryptography Standard #12) information from the given files. This includes keys and certificates, and each file is optionally password-encrypted. The user can select security type for the key. | BIG-IP_v11.5.0 |
remove_all_certificate_validators | Removes all certificate validators from the specified certificates. | BIG-IP_v13.0.0 |
remove_certificate_validator | Removes certificate validators from the specified certificates. | BIG-IP_v13.0.0 |
set_certificate_status_validation_options | Sets the certificate status validation options for the specified certificates. If a certificate is associated with a certificate validator (using add_certificate_validator) and the certificate status validation option is set accordingly, then the certificate&aposs status will be monitored and updated by the certificate validator. The default value is CERT_OPTION_NONE. | BIG-IP_v13.0.0 |
set_issuer_certificate | Sets the issuer certificates for the specified certificates. If a certificate is monitored by a certificate validator, its issuer certificate is required; sometimes the certificate file itself already contains its issuer certificate - if not, then it needs to be configured using this method. | BIG-IP_v13.0.0 |
Structures¶
Structure
Description
A struct that describes the basic information of a certificate, typically used when creating the certificate.
Note that this structure has been deprecated as of v11.5.0. Please use structure CertificateDetail_v2. A struct that describes the detailed information of a certificate.
A struct that describes the detailed information of a certificate.
A struct that describes the certificate extension type and the value.
Note that this structure has been deprecated as of v11.5.0. Please use structure CertificateInformation_v2. A struct that describes the full information of a certificate.
A struct that describes the full information of a certificate.
A struct that describes the basic information of a certificate request, typically used when creating the certificate request.
Note that this structure has been deprecated as of v11.5.0. Please use structure CertificateRequestInformation_v2. A struct that describes the full information of a certificate request.
CertificateRequestInformation_v2
A struct that describes the full information of a certificate request.
CertificateRequestInformation_v3
A struct that describes the full information of a certificate request.
A struct that describes the basic information of a certificate request, typically used when creating the certificate request.
A struct that describes the status of the status of a certifiate and its validator.
Note that this structure has been deprecated as of v11.5.0. Please use structure Key_v2. A struct that describes the basic information of a key, typically used when creating the key.
Note that this structure has been deprecated as of v11.5.0. Please use structure KeyInformation_v2. A struct that describes the full information of a key, typically returned when querying the key.
A struct that describes the full information of a key, typically returned when querying the key.
A struct that describes the basic information of a key, typically used when creating the key.
A struct that describes the information of the x509 data that our key/certificate management library will read from or include in a certificate.
Enumerations¶
Aliases¶
See Also¶
Warning
The links to the sample code below are remnants of the old DevCentral wiki and will result in a 404 error. For best results, please copy the link text and search the codeshare directly on DevCentral.
Sample Code¶
The BIG-IP API Reference documentation contains community-contributed content. F5 does not monitor or control community code contributions. We make no guarantees or warranties regarding the available code, and it may contain errors, defects, bugs, inaccuracies, or security vulnerabilities. Your access to and use of any code available in the BIG-IP API reference guides is solely at your own risk.