I have created a script that uploads a certificate to our AX3200-12 with axapi. Is there a way to trigger a manual reload of the certificate, so that I don’t have to update the client ssl template manually?
Expected behavior:
upload ssl certificate with the same name as the old one
client ssl template uses the new certificate
Observed behavior:
upload ssl certificate with the same name as the old one
client ssl template still uses old certificate
(3. manual editing of the template or a reload of the unit is neccessary which is unfavorable)
Any ideas?
I had a couple of issues with the updates, the steps 1 & 2 can stay the same but I decided to use a naming convention based on the service and the year of expiration :
Now for the service not using the new cert, you have to rebind the template at the virtual port level OR use a new template (thats one of the reason I took the road of a new template with the expiration date).
So in you script, for a rebind using an updated cert in an existing template slb virtual-server VIP_SAMPLE 10.0.0.1 port 443 https no template client-ssl TPL_CERT template client-ssl TPL_CERT !
OR with a new template :
slb virtual-server VIP_SAMPLE 10.0.0.1 port 443 https template client-ssl TPL_SAMPLE_2017