Download the NGINX Plus Cert and Key Bundle
Overview
This topic explains how to use the F5 NGINX Controller REST API to download your NGINX Plus nginx.crt
and nginx.key
files. You’ll need these files if you’re installing NGINX Plus as part of an NGINX Controller trial.
Authenticate with the NGINX Controller API
The NGINX Controller API uses session cookies to authenticate requests. The session cookie is returned in response to a GET /api/v1/platform/login
request. See the Login endpoint in the NGINX Controller API Reference documentation for information about session cookie timeouts and invalidation.
Tip:
You can send a GET request to the login endpoint to find the status of the session token.
For example:
-
Login and capture the session cookie:
curl -c cookie.txt -X POST --url 'https://<ip address>/api/v1/platform/login' --header 'Content-Type: application/json' --data '{"credentials": {"type": "BASIC","username": "<username>","password": "<password>"}}'
-
Use the session cookie to authenticate and get the session status:
curl -b cookie.txt -c cookie.txt -X GET --url 'https://<ip address>/api/v1/platform/login'
Download the NGINX Plus Certificate and Key Bundle
To use the NGINX Controller REST API to download your NGINX Plus certificate and key bundle as a gzip or JSON file, send a GET request to the /platform/licenses/nginx-plus-licenses/controller-provided
endpoint.
For example:
-
Download JSON file:
curl -b cookie.txt -c cookie.txt --header 'Content-Type: application/json' -X GET --url 'https://192.0.2.0/api/v1/platform/licenses/nginx-plus-licenses/controller-provided' --output nginx-plus-certs.json
-
Download GZIP file:
curl -b cookie.txt -c cookie.txt -X GET --url 'https://192.0.2.0/api/v1/platform/licenses/nginx-plus-licenses/controller-provided' --output nginx-plus-certs.gz
If you are using a self-signed certificate you will need to add-k
(allow insecure connections) to your curl command to be able to download your NGINX Plus certificate and key bundle.
Once you have downloaded your certificate and key bundle you will need to expand the .gz
file to get your certificate and key pair.
For example:
gunzip nginx-plus-certs.gz
What’s Next
This documentation applies to the following versions of NGINX Controller: 3.10, 3.12, 3.13, 3.14, 3.15, 3.16.1, 3.17, 3.18, 3.18.1, 3.18.2 and 3.18.3.
This documentation applies to the following versions of NGINX Controller API Management module: 3.18, 3.18.1, 3.19, 3.19.1, 3.19.2, 3.19.3, 3.19.4 and 3.19.5.
This documentation applies to the following versions of NGINX Controller App Delivery module: 3.20, 3.20.1, 3.21, 3.22, 3.22.1, 3.22.2, 3.22.3, 3.22.4, 3.22.5, 3.22.6, 3.22.7 and 3.22.8.