This routines are utilities for setting up public/private keys.
These routines are meant to be used locally on a BIG-IP and operate via tmsh rather than iControl REST. This is so that we do not need to take in unencrypted passwords as parameters either on the command line or via the filesystem.
Notes:
- Only runs locally on a BIG-IP. Cannot run on a remote BIG-IP.
- Uses tmsh rather than iControl REST so that we do not need to take in a password
Methods
(static) generateAndInstallKeyPair(publicKeyDirctory, publicKeyOutFile, privateKeyFolder, privateKeyName, optionsopt) → {Promise}
Generates and installs a public/private key pair if not already installed
Parameters:
| Name | Type | Attributes | Description | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
publicKeyDirctory |
String | Directory into which to write the public key |
|||||||||||||
publicKeyOutFile |
String | Filename for public key |
|||||||||||||
privateKeyFolder |
String | BIG-IP folder into which to install the private key |
|||||||||||||
privateKeyName |
String | Name for private key on BIG-IP |
|||||||||||||
options |
Object |
<optional> |
Optional parameters Properties
|
Returns:
A promise which is resolved with the name of the public key if we installed one, or rejected if an error occurs.
- Type
- Promise
(static) getKeyFilePath(folder, keyType, name)
Parameters:
| Name | Type | Description |
|---|---|---|
folder |
String | BIG-IP folder name. |
keyType |
String | File type. For example: certificate_key or ifile. |
name |
String | Name of key. |
(static) getPrivateKeyMetadata() → {Promise}
Gets the local private key
Returns:
A promise which is resolved with the key metadata or rejected if an error occurs
- Type
- Promise
(inner) listPrivateKey(keyType, folder, name, noRetryopt) → {Promise}
List a private key by folder and name.
Will first search for a private key with a '.key' suffix, and then without a '.key' suffix
Parameters:
| Name | Type | Attributes | Description |
|---|---|---|---|
keyType |
String | Key Type to list. Examples: 'file ssl-key', crypto key |
|
folder |
String | Folder in which to search for the private key. |
|
name |
String | Name of the private key to search for |
|
noRetry |
Boolean |
<optional> |
Whether or not to retry command with a different private key name. |
Returns:
A promise which will be resolved with a dictionary containing the name of the found private key, and the tmsh command response:
{
privateKeyName: <String>,
response: <String>
}- Type
- Promise