f5devcentral / f5-automation-config-converter

Convert BIG-IP configs to AS3 and DO declarations
https://clouddocs.f5.com/products/extensions/f5-automation-config-converter/latest/
Apache License 2.0

Invalid "chainCA" value in Certificate object #40

Closed makagonr closed 3 years ago

makagonr commented 3 years ago

Environment

Summary

I have found a weird entry in the converted declaration's certificate object:

        "custom_ssl_cert_key": {
            "class": "Certificate",
            "certificate": {
                "bigip": "/Common/custom_ssl_cert_key"
            },
            "chainCA": {
                "bigip": "none"
            },
            "privateKey": {
                "bigip": "/Common/custom_ssl_cert_key"
            }
        },

Which is not loading onto the destination BigIP, with the following error: "iControl REST error: code: 422, message: declaration is invalid, errors: ['/Common/Shared/custom_ssl_cert_key/chainCA/bigip: should match format \"f5bigip\"']",

In general the thing is about the "chainCA" field. I believe that it should point to a valid object, or the "chainCA" field should be omitted.

We have done some testing and it seems that the value of chainCA from the output is exactly the value from

    ltm profile server-ssl /Common/custom_ssl_server_profile {
    ...
        chain none
    ...

The value "none" should be treated as a special value that should be ignored, as this is what BigIP produces when creating a cert from the GUI when you do not select any chain.

Steps To Reproduce

Steps to reproduce the behavior:

  1. Convert the following config: bigip.conf.txt

  2. Observe the following output:

    ...
    "Common": {
        "class": "Tenant",
        "Shared": {
            "class": "Application",
            "template": "shared",
            "custom_ssl_cert_key": {
                "class": "Certificate",
                "certificate": {
                    "bigip": "/Common/custom_ssl_cert_key"
                },  
                "chainCA": {
                    "bigip": "none"
                },  
                "privateKey": {
                    "bigip": "/Common/custom_ssl_cert_key"
                }   
            },  
    ...
  3. Try to deploy the configuration, and observe error:

    ['/Common/Shared/custom_ssl_cert_key/chainCA/bigip: should match format \"f5bigip\"']",

Expected Behavior

chainCA should not be part of the output if the "chain" value is "none" in the ltm profile in bigip.conf

Regards

mdditt2000 commented 3 years ago

ACC 1.13 has resolved this issue

            "custom_ssl_cert_key": {
                "class": "Certificate",
                "certificate": {
                    "bigip": "/Common/custom_ssl_cert_key"
                },
                "privateKey": {
                    "bigip": "/Common/custom_ssl_cert_key"
                }
            },

https://github.com/mdditt2000/f5-appsvcs-acc/tree/master/Github/40

                "chainCA": {
                    "bigip": "none"
                }, 

Is handled correctly. Closing issue out as resolved in ACC 1.13
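For declarations produced by a converter version that still emits the entry reported above, a pre-deployment check can drop it before AS3 rejects the declaration. The following is an added example, not code from this issue or from ACC; the function names, the path pattern and the sample declaration are assumptions made for illustration.

```javascript
// Assumption: a usable {"bigip": ...} pointer is an absolute path such as
// /Common/name. This is a simplified stand-in, not AS3's own "f5bigip" check.
const looksLikeBigipPath = (v) =>
  typeof v === 'string' && /^\/[^\s/]+(\/[^\s/]+)+$/.test(v);

// Walk a converted declaration. For every Certificate object:
//  - drop chainCA when its pointer is the "none" value copied from bigip.conf
//  - report any other certificate/chainCA/privateKey pointer that is not a path
function sanitizeCertificates(node, path = '', report = { removed: [], invalid: [] }) {
  if (node === null || typeof node !== 'object') return report;
  if (node.class === 'Certificate') {
    for (const field of ['certificate', 'chainCA', 'privateKey']) {
      const ref = node[field];
      if (!ref || typeof ref !== 'object' || !('bigip' in ref)) continue;
      if (field === 'chainCA' && ref.bigip === 'none') {
        delete node.chainCA;
        report.removed.push(`${path}/chainCA`);
      } else if (!looksLikeBigipPath(ref.bigip)) {
        report.invalid.push(`${path}/${field}/bigip`);
      }
    }
    return report;
  }
  for (const [key, child] of Object.entries(node)) {
    sanitizeCertificates(child, `${path}/${key}`, report);
  }
  return report;
}

// Constructed sample modelled on the output quoted in the issue.
const sample = {
  Common: {
    class: 'Tenant',
    Shared: {
      class: 'Application',
      template: 'shared',
      custom_ssl_cert_key: {
        class: 'Certificate',
        certificate: { bigip: '/Common/custom_ssl_cert_key' },
        chainCA: { bigip: 'none' },
        privateKey: { bigip: '/Common/custom_ssl_cert_key' }
      }
    }
  }
};

const result = sanitizeCertificates(sample);
console.log(JSON.stringify(result, null, 2));
```

Pointers listed under `invalid` are reported but left in place, since only the `none` chain value has a known safe correction.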